{"id":302,"name":"dompurify","ecosystem":"npm","repository_url":"https://github.com/cure53/DOMPurify","issues_count":5472,"created_at":"2025-06-06T15:01:33.659Z","updated_at":"2025-06-06T15:01:33.659Z","purl":"pkg:npm/dompurify","metadata":{"id":1627018,"name":"dompurify","ecosystem":"npm","description":"DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin","homepage":"https://github.com/cure53/DOMPurify","licenses":"(MPL-2.0 OR Apache-2.0)","normalized_licenses":["MPL-2.0","Apache-2.0"],"repository_url":"https://github.com/cure53/DOMPurify","keywords_array":["dom","xss","html","svg","mathml","security","secure","sanitizer","sanitize","filter","purify"],"namespace":null,"versions_count":130,"first_release_published_at":"2014-05-21T18:34:38.970Z","latest_release_published_at":"2025-05-19T15:23:47.190Z","latest_release_number":"3.2.6","last_synced_at":"2025-06-05T23:30:46.864Z","created_at":"2022-04-09T12:25:15.948Z","updated_at":"2025-06-05T23:33:14.823Z","registry_url":"https://www.npmjs.com/package/dompurify","install_command":"npm install dompurify","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"3.2.6"}},"repo_metadata":{"id":14220784,"uuid":"16927692","full_name":"cure53/DOMPurify","owner":"cure53","description":"DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:","archived":false,"fork":false,"pushed_at":"2025-06-02T13:32:42.000Z","size":10029,"stargazers_count":15261,"open_issues_count":0,"forks_count":781,"subscribers_count":155,"default_branch":"main","last_synced_at":"2025-06-05T02:24:58.353Z","etag":null,"topics":["cross-site-scripting","dom","dompurify","html","javascript","mathml","prevent-xss-attacks","sanitizer","security","svg","xss"],"latest_commit_sha":null,"homepage":"https://cure53.de/purify","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cure53.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"cure53"}},"created_at":"2014-02-17T21:48:14.000Z","updated_at":"2025-06-04T21:01:37.000Z","dependencies_parsed_at":"2023-01-14T12:30:22.458Z","dependency_job_id":"7f69c37e-0c74-4c6c-a057-f2cf2223d52a","html_url":"https://github.com/cure53/DOMPurify","commit_stats":{"total_commits":1660,"total_committers":116,"mean_commits":"14.310344827586206","dds":0.4126506024096386,"last_synced_commit":"2cf6e2510699261a0004e3431c4e8a0bbd65b230"},"previous_names":[],"tags_count":130,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cure53","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":258313661,"owners_count":22682039,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"cure53","name":"Cure53","uuid":"6709482","kind":"user","description":"And there is fire where we walk.","email":"","website":"https://cure53.de","location":"Berlin","twitter":null,"company":"Fine penetration tests for fine websites","icon_url":"https://avatars.githubusercontent.com/u/6709482?u=4149eb5ebf4e59175c31bbc618805bce4d0535dc\u0026v=4","repositories_count":20,"last_synced_at":"2025-06-04T23:18:53.429Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/cure53","funding_links":["https://github.com/sponsors/cure53"],"total_stars":22841,"followers":2583,"following":0,"created_at":"2022-11-02T16:25:42.714Z","updated_at":"2025-06-04T23:18:53.430Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cure53","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cure53/repositories"},"tags":[{"name":"3.2.6","sha":"32f765e632ff34eebf5e08128ae1ff8f0d0bbe7a","kind":"commit","published_at":"2025-05-19T15:16:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.6/manifests"},{"name":"3.2.5","sha":"78060045e4d3ec0d199eb61bbeca02d8268ac310","kind":"commit","published_at":"2025-04-03T12:54:02.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.5/manifests"},{"name":"3.2.4","sha":"ec29e65f3675077c1a78e6edcab97f797f004a2e","kind":"commit","published_at":"2025-01-30T07:23:45.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.4/manifests"},{"name":"2.5.8","sha":"ee992fc4880215757c9c09e9638bb95e1dc24533","kind":"commit","published_at":"2024-12-09T08:41:34.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.8/manifests"},{"name":"3.2.3","sha":"f1106aae5a861d1096cb57ad9a6f518b4279ea8c","kind":"commit","published_at":"2024-12-09T08:32:09.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.3/manifests"},{"name":"3.2.2","sha":"3990b7e925285fa7fc9d63150e91d8e448215737","kind":"commit","published_at":"2024-11-29T10:40:23.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.2/manifests"},{"name":"3.2.1","sha":"7f154b33e3f15e9cff658dfbe1816ccd4a850b84","kind":"commit","published_at":"2024-11-20T07:34:47.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.1/manifests"},{"name":"3.2.0","sha":"f0d750730b2595722bde07bbbee1ee65c79943aa","kind":"commit","published_at":"2024-11-11T14:30:21.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.2.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.2.0/manifests"},{"name":"3.1.7","sha":"69c8c12940dbf98aef5f44eea77151e1aef532dc","kind":"commit","published_at":"2024-09-26T11:07:13.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.7/manifests"},{"name":"2.5.7","sha":"71683cb29a6ce35938f2cd1f48fd9e2af2fff10c","kind":"commit","published_at":"2024-09-26T10:18:18.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.7/manifests"},{"name":"3.1.6","sha":"4083a9096be35cfe5b569abd21e500f43b39e294","kind":"commit","published_at":"2024-07-05T10:30:51.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.6/manifests"},{"name":"2.5.6","sha":"d78f24171d7e1e6c20d8d6f496c8f8f66efb1ca3","kind":"commit","published_at":"2024-07-05T10:12:03.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.6/manifests"},{"name":"3.1.5","sha":"6676133b2ba2fe02346a4794a712e5ec2c3539a0","kind":"commit","published_at":"2024-05-31T09:04:49.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.5/manifests"},{"name":"2.5.5","sha":"de2545c445baa47d4aa40ece463ecf3a7688125e","kind":"commit","published_at":"2024-05-31T08:36:39.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.5/manifests"},{"name":"3.1.4","sha":"7517e9c475dbc1c7f8535a60f17bb55aabd52ba6","kind":"commit","published_at":"2024-05-20T11:11:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.4/manifests"},{"name":"2.5.4","sha":"10c12610b15875ea09129c35fca28a886857434f","kind":"commit","published_at":"2024-05-19T11:41:56.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.4/manifests"},{"name":"2.5.3","sha":"e1ddfc7b5e6d6599c369f826699b0204e2c691b9","kind":"commit","published_at":"2024-05-11T10:17:55.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.3/manifests"},{"name":"3.1.3","sha":"3fe78d7501103832166613bb1452985dd4674008","kind":"commit","published_at":"2024-05-11T10:01:24.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.3/manifests"},{"name":"3.1.2","sha":"5b2e3171e403535656270e3aa1842ff030f136e4","kind":"commit","published_at":"2024-04-30T08:07:15.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.2/manifests"},{"name":"2.5.2","sha":"d299fccd846a15e1724dd673d02ca2de0a442de2","kind":"commit","published_at":"2024-04-30T07:51:41.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.2/manifests"},{"name":"3.1.1","sha":"7a0a984a8aea7341ce084f72cda806e2395b336b","kind":"commit","published_at":"2024-04-26T10:55:38.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.1/manifests"},{"name":"2.5.1","sha":"f275c0b719026501f80d383af942bda921cdf300","kind":"commit","published_at":"2024-04-26T10:47:25.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.1/manifests"},{"name":"2.5.0","sha":"7f6cf8a7590ddb4fbc2e914d42544ed2dcf1c4cd","kind":"commit","published_at":"2024-04-07T12:04:04.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.5.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.5.0/manifests"},{"name":"3.1.0","sha":"db19269d8f9029cba78eabc9d6b52e73c31702ad","kind":"commit","published_at":"2024-04-07T12:03:16.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.1.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.1.0/manifests"},{"name":"2.4.9","sha":"79cfb378f326e6d92574e784ea19500e29dd4c38","kind":"commit","published_at":"2024-03-21T10:00:39.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.9/manifests"},{"name":"3.0.11","sha":"f2b637fc8418b14214a9e4b5e4693a33a9077f4e","kind":"commit","published_at":"2024-03-19T11:06:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.11","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.11/manifests"},{"name":"3.0.10","sha":"f2b637fc8418b14214a9e4b5e4693a33a9077f4e","kind":"commit","published_at":"2024-03-19T11:06:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.10","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.10/manifests"},{"name":"2.4.8","sha":"416ba67433df765ba4de2ff1138d7e24eb0eb06a","kind":"commit","published_at":"2024-03-19T10:58:14.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.8/manifests"},{"name":"3.0.9","sha":"699b1c94cdf9044df3eba3b26574ab020ab36dc4","kind":"commit","published_at":"2024-02-20T14:20:52.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.9/manifests"},{"name":"3.0.8","sha":"ec1346a8dcf52471276b84bdf4180d3059a00c57","kind":"commit","published_at":"2024-01-05T16:40:13.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.8/manifests"},{"name":"3.0.7","sha":"aa2c561415e684f0e1e3cff57c8b1102edaa4dd4","kind":"commit","published_at":"2024-01-03T12:03:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.7/manifests"},{"name":"3.0.6","sha":"1b864e746bb73ad4990bf02f1e1d924151c25a3b","kind":"commit","published_at":"2023-09-28T08:22:00.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.6/manifests"},{"name":"3.0.5","sha":"c96c9df61f1070146c0c13078e85b33d8fed3e51","kind":"commit","published_at":"2023-07-11T07:59:34.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.5/manifests"},{"name":"2.4.7","sha":"ef731c0bab8ff102edbb3d121ab7c1995cc372b4","kind":"commit","published_at":"2023-07-11T07:39:53.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.7/manifests"},{"name":"3.0.4","sha":"177736320e6f34ab007f640fdb29529ced7bd392","kind":"commit","published_at":"2023-06-29T16:02:01.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.4/manifests"},{"name":"2.4.6","sha":"5b7dff926464caa98481eb693861735194940b5d","kind":"commit","published_at":"2023-06-29T15:47:07.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.6/manifests"},{"name":"3.0.3","sha":"c70f8c57e60d2b4eb29d560682e7832febd62eaa","kind":"commit","published_at":"2023-05-06T12:22:41.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.3/manifests"},{"name":"3.0.2","sha":"671167b9f6af6502080a946655d9118c4fc4818b","kind":"commit","published_at":"2023-04-14T17:01:31.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.2/manifests"},{"name":"3.0.1","sha":"e42464f0e06ab5899aae41c89920be9af8b2e826","kind":"commit","published_at":"2023-02-26T15:28:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.1/manifests"},{"name":"2.4.5","sha":"f464d957f24c48ec00076ee0d26694e3fd6c0387","kind":"commit","published_at":"2023-02-26T15:25:33.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.5/manifests"},{"name":"3.0.0","sha":"5dcf2a012c70ea8b65c0ecff7de86a61d7d98181","kind":"commit","published_at":"2023-02-13T16:34:36.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/3.0.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/3.0.0/manifests"},{"name":"2.4.4","sha":"fa4e8ee15042d3ff289f827145fd69a216a70aef","kind":"commit","published_at":"2023-02-13T16:32:41.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.4/manifests"},{"name":"2.4.3","sha":"90326ef9134a35e0f9dc71129784d2145a220961","kind":"commit","published_at":"2023-01-06T14:12:27.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.3/manifests"},{"name":"2.4.2","sha":"d1dd0374caef2b4c56c3bd09fe1988c3479166dc","kind":"commit","published_at":"2023-01-05T15:32:31.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.2/manifests"},{"name":"2.4.1","sha":"67f784cfc3f6ae0b98a4a9fd4b3e94ea16f90967","kind":"commit","published_at":"2022-11-10T13:52:45.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.1/manifests"},{"name":"2.4.0","sha":"5f8e875f4d01cffb8617d5999d9345417bdeb8bc","kind":"commit","published_at":"2022-08-24T17:32:29.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.4.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.4.0/manifests"},{"name":"2.3.12","sha":"caaae5ed3206082299518351da1c3fd1a66532f0","kind":"commit","published_at":"2022-08-23T15:36:31.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.12","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.12/manifests"},{"name":"2.3.11","sha":"30af6c8dbb9c0fa6c450b5ed0352175a031a18f9","kind":"commit","published_at":"2022-08-23T09:16:39.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.11","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.11/manifests"},{"name":"2.3.10","sha":"aedec31d54965e82f75a267096e2f03fec96cdb2","kind":"commit","published_at":"2022-07-18T13:00:58.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.10","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.10/manifests"},{"name":"2.3.9","sha":"52c8eb11bc2c00dd95a46708ffa518fdbea6d60c","kind":"commit","published_at":"2022-07-11T12:19:19.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.9/manifests"},{"name":"2.3.8","sha":"dc6db2c34727a8dd2a9c678cc64c5602d1ac6e94","kind":"commit","published_at":"2022-05-13T13:51:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.8/manifests"},{"name":"2.3.6","sha":"c84f6e4bb87b05f68ccf0ab471c97b80955779e9","kind":"commit","published_at":"2022-02-16T07:16:18.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.6/manifests"},{"name":"2.3.5","sha":"8eab0ac78cdd59fd089e2c6f173880465f45da6a","kind":"commit","published_at":"2022-01-26T14:00:17.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.5/manifests"},{"name":"2.3.4","sha":"fff1bd56ba984c7bc24ff9445b39ad775a00857e","kind":"commit","published_at":"2021-12-07T14:27:31.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.4/manifests"},{"name":"2.3.3","sha":"7fbe07c632906a7ca3b9534fc00e7c12ce2e25e9","kind":"commit","published_at":"2021-09-20T12:27:26.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.3/manifests"},{"name":"2.3.2","sha":"6fb973e4e58eca14830c980f0e8d98da09ef2ef2","kind":"commit","published_at":"2021-09-15T15:20:01.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.2/manifests"},{"name":"2.3.1","sha":"6cfcdf56269b892550af80baa7c1fa5b680e5db7","kind":"commit","published_at":"2021-08-13T14:43:20.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.1/manifests"},{"name":"2.3.0","sha":"e15ae1e91e0ffb469f3e10131f05e53e29e9bd7e","kind":"commit","published_at":"2021-07-06T10:23:48.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.3.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.3.0/manifests"},{"name":"2.2.9","sha":"9de5b19e5d701db408318df0f2935c74b25b7b09","kind":"commit","published_at":"2021-06-01T10:31:24.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.9/manifests"},{"name":"2.2.8","sha":"1bf9e2a4b0dae8b2dea57fe97cf110d5b07cd494","kind":"commit","published_at":"2021-04-28T07:42:09.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.8/manifests"},{"name":"2.2.7","sha":"a9ad5be0fc28e523a07cfca72e58829cecfd491a","kind":"commit","published_at":"2021-03-12T15:19:17.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.7/manifests"},{"name":"2.2.6","sha":"b11cb72fd45b9489ad989517e22b6141743a9fa3","kind":"commit","published_at":"2020-12-18T15:12:06.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.6/manifests"},{"name":"2.2.4","sha":"499b3bbe44e316449b6a05afb655391a9d55cee9","kind":"commit","published_at":"2020-12-15T16:33:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.4/manifests"},{"name":"2.2.3","sha":"e7086f7e40362923db596dce284c689e8db5faec","kind":"commit","published_at":"2020-12-07T13:25:00.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.3/manifests"},{"name":"2.2.2","sha":"7923e106c3ccfd0315ec008d5793976099baeabd","kind":"commit","published_at":"2020-11-02T20:01:55.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.2/manifests"},{"name":"2.2.0","sha":"0e31dce1cb7b3da5305e09b502a576d80457bde2","kind":"commit","published_at":"2020-10-21T07:24:00.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.2.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.2.0/manifests"},{"name":"2.1.1","sha":"32b3241855857b0825d964b1871778bde5bab0fa","kind":"commit","published_at":"2020-09-25T11:12:32.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.1.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.1.1/manifests"},{"name":"2.1.0","sha":"1f1c1193685dc1654dcc2b3cc1d993859a1375c8","kind":"commit","published_at":"2020-09-23T08:32:50.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.1.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.1.0/manifests"},{"name":"2.0.17","sha":"f04574b5c1761ace5fa4c60f3e452c0c2eb02ff4","kind":"commit","published_at":"2020-09-20T08:43:26.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.17","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.17/manifests"},{"name":"2.0.16","sha":"63061bf434836904e73404682ad6fe1e64f8e09d","kind":"commit","published_at":"2020-09-18T12:23:32.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.16","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.16/manifests"},{"name":"2.0.15","sha":"c025bc8070a5a8fc2c5550d177a4130d45691b94","kind":"commit","published_at":"2020-09-03T10:06:12.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.15","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.15/manifests"},{"name":"2.0.14","sha":"77a7fe730250f1171368c4a0d8f54f5edf4e02a1","kind":"commit","published_at":"2020-08-27T20:59:21.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.14","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.14/manifests"},{"name":"2.0.13","sha":"7491db173013b098402e1f073a20c79e2dc03010","kind":"commit","published_at":"2020-08-27T14:38:06.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.13","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.13/manifests"},{"name":"2.0.12","sha":"05bf3fc4dce98b0f182b8b988f9d39264144b3be","kind":"commit","published_at":"2020-06-24T14:28:20.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.12","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.12/manifests"},{"name":"2.0.11","sha":"afefcdd27805f707d29f20317b8fa18007b1e169","kind":"commit","published_at":"2020-05-06T17:06:46.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.11","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.11/manifests"},{"name":"2.0.10","sha":"32fba332eec78b9fd79187cb9d23d3a13f412271","kind":"commit","published_at":"2020-04-23T11:53:49.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.10","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.10/manifests"},{"name":"2.0.9","sha":"22ea2c2b3a032a3e0c0ce6e9f424c18b8480a9b8","kind":"commit","published_at":"2020-04-22T14:38:06.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.9/manifests"},{"name":"2.0.8","sha":"211f0c899136145c3ecc8df4bfff1548946263e2","kind":"commit","published_at":"2020-02-01T18:15:50.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.8/manifests"},{"name":"2.0.7","sha":"da4663394f59cfbd313996b858cf499689be76c3","kind":"commit","published_at":"2019-10-21T09:54:18.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.7/manifests"},{"name":"2.0.6","sha":"7acc4c3ed529c31b9632cb5784b3ddd50c32b4f4","kind":"commit","published_at":"2019-10-10T08:40:35.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.6/manifests"},{"name":"2.0.5","sha":"64fe2f0a94a7b639eb92f247f712362f53593569","kind":"commit","published_at":"2019-10-08T08:34:42.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.5/manifests"},{"name":"2.0.4","sha":"5476eb9cf075a6621e81b3bf2ce576bbf7701640","kind":"commit","published_at":"2019-10-07T13:20:12.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.4/manifests"},{"name":"2.0.3","sha":"d16ba745e2aa7ebb430c7cb87a35581162a2a08e","kind":"commit","published_at":"2019-09-25T12:04:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.3/manifests"},{"name":"2.0.2","sha":"ffac2ce28b3f79cc2fc0673020534236edd5ad7b","kind":"commit","published_at":"2019-09-23T06:42:04.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.2/manifests"},{"name":"2.0.1","sha":"4c8ca9db5b4b2a79ed6c779ac6f22587ba16a3e1","kind":"commit","published_at":"2019-09-19T09:09:17.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.1/manifests"},{"name":"2.0.0","sha":"41766f5527233fc378b49a4d11b3ad9dc5775882","kind":"commit","published_at":"2019-09-12T16:35:58.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/2.0.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/2.0.0/manifests"},{"name":"1.0.11","sha":"3c1c0d7e11cda896b0c69cf82e0ca6e0c0e7dd38","kind":"commit","published_at":"2019-06-18T13:33:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.11","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.11/manifests"},{"name":"1.0.10","sha":"b537cab466329b1b077e0e5e3c14edad2b7142f7","kind":"commit","published_at":"2019-02-19T13:27:01.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.10","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.10/manifests"},{"name":"1.0.9","sha":"b06b6b2ac8605b88e08ff36f895097fde8c9e8f5","kind":"commit","published_at":"2019-01-14T08:58:41.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.9/manifests"},{"name":"1.0.8","sha":"26e6a292cf80ad21afc07de4b4b6b9bd7940ea2c","kind":"commit","published_at":"2018-09-08T14:13:40.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.8/manifests"},{"name":"1.0.7","sha":"7e8d6b75cf0f8486509538120cc1cd28c7d70273","kind":"commit","published_at":"2018-07-29T14:20:08.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.7/manifests"},{"name":"1.0.6","sha":"fcf8bffeab97bc1d2d60f4ff41b94e4f40463d3c","kind":"commit","published_at":"2018-07-16T12:17:18.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.6/manifests"},{"name":"1.0.5","sha":"3553b54c883197a51213a178e3584ae0a7e777cf","kind":"commit","published_at":"2018-06-16T13:26:01.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.5/manifests"},{"name":"1.0.4","sha":"e7a1c316269bc0f6dd2698c3a7571bc4b561d892","kind":"commit","published_at":"2018-04-28T12:57:18.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.4/manifests"},{"name":"1.0.3","sha":"ee5d83849103046da62ef8439d3ecac564761615","kind":"commit","published_at":"2017-12-08T10:55:28.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.3/manifests"},{"name":"1.0.2","sha":"7ba76fe0d11b5b75485fdeedcf1dbb9050c66ac0","kind":"commit","published_at":"2017-08-25T14:19:57.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.2/manifests"},{"name":"1.0.1","sha":"19f8c6fce0b4cbb3f16a4089ef77f69be3c8645f","kind":"commit","published_at":"2017-08-21T07:00:15.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.1/manifests"},{"name":"1.0.0","sha":"4d0115a125b295e8b8e9fe4353222da53e543ba0","kind":"commit","published_at":"2017-08-15T15:11:14.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/1.0.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/1.0.0/manifests"},{"name":"0.9.0","sha":"d91304b6aa24529521a34dfbe247369db23a8a88","kind":"commit","published_at":"2017-05-18T14:11:08.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.9.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.9.0/manifests"},{"name":"0.8.9","sha":"4465943c936b90fa966776d95dc360917801d80f","kind":"commit","published_at":"2017-05-03T06:20:45.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.9","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.9/manifests"},{"name":"0.8.7","sha":"da2484d19b61b5eb35a8dad3460f0b193ac8cb2c","kind":"commit","published_at":"2017-04-25T07:45:59.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.7/manifests"},{"name":"0.8.8","sha":"da2484d19b61b5eb35a8dad3460f0b193ac8cb2c","kind":"commit","published_at":"2017-04-25T07:45:59.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.8","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.8/manifests"},{"name":"0.8.6","sha":"b317725c72a3af14ee3aa3d6d61e5286bb917572","kind":"commit","published_at":"2017-04-21T13:40:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.6/manifests"},{"name":"0.8.5","sha":"4222069a807a819dc6cb0a6cc0a1b99ef1ca4c56","kind":"commit","published_at":"2017-02-07T13:13:51.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.5/manifests"},{"name":"0.8.4","sha":"9be8f9def3124ccf2db71b7711027b55f9b90f48","kind":"commit","published_at":"2016-11-02T11:27:55.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.4/manifests"},{"name":"0.8.3","sha":"aeff130200ccb13de255847e62a9c01d862c351f","kind":"commit","published_at":"2016-08-18T14:55:32.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.3/manifests"},{"name":"0.8.2","sha":"d9c3bef885888074a544a8310d17deb74bf778d3","kind":"commit","published_at":"2016-06-09T16:13:10.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.2/manifests"},{"name":"0.8.1","sha":"e1980deca341420b106792b76fef81fcd8ffad55","kind":"commit","published_at":"2016-06-06T11:19:59.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.1/manifests"},{"name":"0.8.0","sha":"7aa9772fe25bc0b51dac9e381e5142cd5ed2fa16","kind":"commit","published_at":"2016-05-24T13:19:15.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.8.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.8.0/manifests"},{"name":"0.7.4","sha":"75e108809a90749417e375193531f7305f647cd4","kind":"commit","published_at":"2016-02-17T13:26:02.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.7.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.4/manifests"},{"name":"0.7.3","sha":"eb3735607e1dc6dc40d2e3c98ffe03cd898aa6b1","kind":"commit","published_at":"2015-11-25T13:54:11.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.7.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.3/manifests"},{"name":"0.7.2","sha":"c8014de5831ce6919cad57b3159ac0fef1264c00","kind":"commit","published_at":"2015-10-17T19:46:14.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.7.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.2/manifests"},{"name":"0.7.1","sha":"fac1062503fd62efbde438680bc1cbc4eb0b621f","kind":"commit","published_at":"2015-10-02T09:01:00.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.7.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.1/manifests"},{"name":"0.7.0","sha":"555114d66fbab5e5b5019e6340792afee5ae5e17","kind":"commit","published_at":"2015-09-22T09:48:07.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.7.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.7.0/manifests"},{"name":"0.6.7","sha":"4fb4fbd16ba3db88c0cd024950534069f6900502","kind":"commit","published_at":"2015-09-17T12:45:31.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.7","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.7/manifests"},{"name":"0.6.6","sha":"6c15eff8e194a8b4f3fd53f73a33d8b1012c88f8","kind":"commit","published_at":"2015-09-15T09:11:20.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.6","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.6/manifests"},{"name":"0.6.5","sha":"0a4a0cd1e2f63e6ff777a53d9519459c9239e38b","kind":"commit","published_at":"2015-08-04T12:59:05.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.5/manifests"},{"name":"0.6.4","sha":"b8b3ab6530f0da9037cf73dfe7a95fcc9a105ecd","kind":"commit","published_at":"2015-05-25T11:39:52.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.4/manifests"},{"name":"0.6.3","sha":"df25a9cb0bd1538266cace4ed8c0955556ff3d46","kind":"commit","published_at":"2015-04-07T13:55:12.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.3/manifests"},{"name":"0.6.2","sha":"eff80b05eb28f6e9bbfe10adbdaa0008b3986058","kind":"commit","published_at":"2015-03-31T13:41:51.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.2/manifests"},{"name":"0.6.1","sha":"36e1bf63d405ac2b90a26ebe6f37deb58978a04e","kind":"commit","published_at":"2015-02-23T08:42:58.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.1/manifests"},{"name":"0.6.0","sha":"e5735cd4f8394cd555e8f1f2cc9f9f0958dc4d16","kind":"commit","published_at":"2015-02-16T12:55:29.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.6.0","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.6.0/manifests"},{"name":"0.4.5","sha":"d2d3130881f1a2b91015ff1af4e4172bc0d9c97d","kind":"commit","published_at":"2015-01-16T12:16:03.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.4.5","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.5/manifests"},{"name":"0.4.4","sha":"2f562ba382ac1ab67afaac8ef8034ee2a8a0afe9","kind":"commit","published_at":"2014-10-13T11:22:26.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.4.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.4/manifests"},{"name":"0.4.3","sha":"db63f5f89ad65f0e7b95ed9d96cca27ef43cec17","kind":"commit","published_at":"2014-10-04T12:36:35.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.4.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.3/manifests"},{"name":"0.4.2","sha":"09b707ffaa8b6b03d3cd9f873008bd3c31f2dcbb","kind":"commit","published_at":"2014-06-03T18:35:19.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.4.2","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4.2/manifests"},{"name":"0.4","sha":"c27e5c5cb30ab26213c435a1acc6e6ebb6e6d50f","kind":"commit","published_at":"2014-05-11T12:48:46.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.4","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.4/manifests"},{"name":"0.3","sha":"839915a3872dc95d148917338d5812430a6cb249","kind":"commit","published_at":"2014-04-16T11:14:13.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.3/manifests"},{"name":"v0.3","sha":"93c2331702576ceee85fd827df8af07316dea206","kind":"commit","published_at":"2014-04-05T09:31:24.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/v0.3","html_url":"https://github.com/cure53/DOMPurify/releases/tag/v0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/v0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/v0.3/manifests"},{"name":"0.1","sha":"722fb0ad4c3d27e773fb2db4a375135e0d1538b6","kind":"commit","published_at":"2014-03-01T14:19:37.000Z","download_url":"https://codeload.github.com/cure53/DOMPurify/tar.gz/0.1","html_url":"https://github.com/cure53/DOMPurify/releases/tag/0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cure53%2FDOMPurify/tags/0.1/manifests"}]},"repo_metadata_updated_at":"2025-06-05T23:33:14.823Z","dependent_packages_count":1705,"downloads":43072032,"downloads_period":"last-month","dependent_repos_count":56633,"rankings":{"downloads":0.05894876796253564,"dependent_repos_count":0.12843876939723858,"dependent_packages_count":0.0449029166087127,"stargazers_count":0.9306950861971719,"forks_count":1.4237510144225978,"docker_downloads_count":0.05738811781211086,"average":0.4406874454000613},"purl":"pkg:npm/dompurify","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1qanEtYzg4cS1xaHI2","url":"https://github.com/advisories/GHSA-mjjq-c88q-qhr6","title":"Cross-Site Scripting in dompurify","description":"Versions of `dompurify` prior to 2.0.7 are vulnerable to Cross-Site Scripting (XSS). It is possible to bypass the package sanitization through Mutation XSS, which may allow an attacker to execute arbitrary JavaScript in a victim's browser.\n\n\n## Recommendation\n\nUpgrade to version 2.0.7 or later.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-09-03T21:22:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/cure53/DOMPurify/releases/tag/2.0.7","https://www.npmjs.com/advisories/1223","https://github.com/advisories/GHSA-mjjq-c88q-qhr6"],"source_kind":"github","identifiers":["GHSA-mjjq-c88q-qhr6"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.7","vulnerable_version_range":"\u003c 2.0.7"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2022-12-21T16:13:16.378Z","updated_at":"2023-01-09T05:04:08.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"GSA_kwCzR0hTQS1neDltLXdoam0tODVqZs4ABANT","url":"https://github.com/advisories/GHSA-gx9m-whjm-85jf","title":"DOMpurify has a nesting-based mXSS","description":"DOMpurify was vulnerable to nesting-based mXSS \n\nfixed by [0ef5e537](https://github.com/cure53/DOMPurify/tree/0ef5e537a514f904b6aa1d7ad9e749e365d7185f) (2.x) and\n[merge 943](https://github.com/cure53/DOMPurify/pull/943)\n\nBackporter should be aware of GHSA-mmhx-hmjr-r674 (CVE-2024-45801) when cherry-picking\n\nPOC is avaible under [test](https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098)","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-10-11T17:27:29.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.9,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H","references":["https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf","https://nvd.nist.gov/vuln/detail/CVE-2024-47875","https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f","https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a","https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098","https://github.com/advisories/GHSA-gx9m-whjm-85jf"],"source_kind":"github","identifiers":["GHSA-gx9m-whjm-85jf","CVE-2024-47875"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":37.54924958692195,"packages":[{"versions":[{"first_patched_version":"3.1.3","vulnerable_version_range":"\u003e= 3.0.0, \u003c 3.1.3"},{"first_patched_version":"2.5.0","vulnerable_version_range":"\u003c 2.5.0"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2024-10-11T18:06:28.761Z","updated_at":"2024-10-11T17:27:30.000Z","epss_percentage":0.00168,"epss_percentile":0.38862},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNocWotajRmaC1ydzdt","url":"https://github.com/advisories/GHSA-chqj-j4fh-rw7m","title":"Cross-Site Scripting in dompurify","description":"Versions of `dompurify` prior to 2.0.3 are vulnerable to Cross-Site Scripting (XSS). The package has an XSS filter bypass due to Mutation XSS in both Chrome and Safari through a combination of `\u003csvg\u003e`/`\u003cmath\u003e` elements and `\u003c/p\u003e`/`\u003c/br\u003e`. An example payload is: `\u003csvg\u003e\u003c/p\u003e\u003cstyle\u003e\u003ca id=\"\u003c/style\u003e\u003cimg src=1 onerror=alert(1)\u003e\"\u003e`. This allows attackers to bypass the XSS protection and execute arbitrary JavaScript in a victim's browser.\n\n\n## Recommendation\n\nUpgrade to version 2.0.3 or later. You may also disallow `\u003csvg\u003e` and `\u003cmath\u003e` through `dompurify` configurations:\n```DOMPurify.sanitize(input, {\n     FORBID_TAGS: ['svg', 'math']\n });```","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-08-28T21:25:11.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-16728","https://research.securitum.com/dompurify-bypass-using-mxss/","https://www.npmjs.com/advisories/1205","https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html","https://github.com/advisories/GHSA-chqj-j4fh-rw7m"],"source_kind":"github","identifiers":["GHSA-chqj-j4fh-rw7m","CVE-2019-16728"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003c 2.0.3"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2022-12-21T16:13:22.709Z","updated_at":"2023-09-13T18:51:45.000Z","epss_percentage":0.01188,"epss_percentile":0.7764},{"uuid":"GSA_kwCzR0hTQS04aGdnLXh4bTUtMzg3M84AA3ID","url":"https://github.com/advisories/GHSA-8hgg-xxm5-3873","title":"DOMPurify Open Redirect vulnerability","description":"DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel=\"noopener noreferrer\"' attribute.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2023-11-14T21:30:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-25155","https://github.com/cure53/DOMPurify/compare/1.0.10...1.0.11","https://github.com/cure53/DOMPurify/pull/337","https://github.com/cure53/DOMPurify/commit/7601c33a57e029cce51d910eda5179a3f1b51c83","https://github.com/advisories/GHSA-8hgg-xxm5-3873"],"source_kind":"github","identifiers":["GHSA-8hgg-xxm5-3873","CVE-2019-25155"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"1.0.11","vulnerable_version_range":"\u003c 1.0.11"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2023-11-15T21:06:13.261Z","updated_at":"2025-04-29T01:10:36.382Z","epss_percentage":0.00242,"epss_percentile":0.47487},{"uuid":"GSA_kwCzR0hTQS1wM3ZmLXY4cWMtY3djcs4ABA13","url":"https://github.com/advisories/GHSA-p3vf-v8qc-cwcr","title":"DOMPurify vulnerable to tampering by prototype polution","description":"dompurify was vulnerable to prototype pollution\n\nFixed by https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2024-10-31T14:23:34.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":9.3,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr","https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc","https://nvd.nist.gov/vuln/detail/CVE-2024-48910","https://github.com/advisories/GHSA-p3vf-v8qc-cwcr"],"source_kind":"github","identifiers":["GHSA-p3vf-v8qc-cwcr","CVE-2024-48910"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":44.20354698207268,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003c 2.4.2"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2024-10-31T15:06:28.619Z","updated_at":"2024-11-01T09:17:33.000Z","epss_percentage":0.00074,"epss_percentile":0.23129},{"uuid":"GSA_kwCzR0hTQS1tbWh4LWhtanItcjY3NM4AA_kd","url":"https://github.com/advisories/GHSA-mmhx-hmjr-r674","title":"DOMPurify allows tampering by prototype pollution","description":"It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check.\n\nThis renders dompurify unable to avoid XSS attack.\n\nFixed by https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21 (3.x branch) and https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc (2.x branch).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-09-16T20:34:26.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.3,"cvss_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674","https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21","https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc","https://nvd.nist.gov/vuln/detail/CVE-2024-45801","https://github.com/advisories/GHSA-mmhx-hmjr-r674"],"source_kind":"github","identifiers":["GHSA-mmhx-hmjr-r674","CVE-2024-45801"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":39.45047741410788,"packages":[{"versions":[{"first_patched_version":"3.1.3","vulnerable_version_range":"\u003e= 3.0.0, \u003c 3.1.3"},{"first_patched_version":"2.5.4","vulnerable_version_range":"\u003c 2.5.4"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2024-09-16T21:06:01.221Z","updated_at":"2024-09-16T22:37:33.000Z","epss_percentage":0.00044,"epss_percentile":0.13211},{"uuid":"GSA_kwCzR0hTQS12aHhmLTd2cXItbXJqZ84ABEeY","url":"https://github.com/advisories/GHSA-vhxf-7vqr-mrjg","title":"DOMPurify allows Cross-site Scripting (XSS)","description":"DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2025-02-14T09:31:22.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2025-26791","https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02","https://ensy.zip/posts/dompurify-323-bypass","https://github.com/cure53/DOMPurify/releases/tag/3.2.4","https://nsysean.github.io/posts/dompurify-323-bypass","https://github.com/advisories/GHSA-vhxf-7vqr-mrjg"],"source_kind":"github","identifiers":["GHSA-vhxf-7vqr-mrjg","CVE-2025-26791"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.2.4","vulnerable_version_range":"\u003c 3.2.4"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2025-02-14T19:07:38.501Z","updated_at":"2025-02-14T18:05:09.000Z","epss_percentage":0.00024,"epss_percentile":0.04779},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYzcTctaDg5NS1tOTgy","url":"https://github.com/advisories/GHSA-63q7-h895-m982","title":"Cross-site Scripting in dompurify","description":"Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-12-18T22:51:40.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-26870","https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d","https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17","https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html","https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/","https://snyk.io/vuln/SNYK-JS-DOMPURIFY-1016634","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/advisories/GHSA-63q7-h895-m982"],"source_kind":"github","identifiers":["GHSA-63q7-h895-m982","CVE-2020-26870"],"repository_url":"https://github.com/cure53/DOMPurify","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.17","vulnerable_version_range":"\u003c 2.0.17"}],"ecosystem":"npm","package_name":"dompurify"}],"created_at":"2022-12-21T16:13:12.456Z","updated_at":"2023-02-01T05:05:07.000Z","epss_percentage":0.00243,"epss_percentile":0.47561}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/dompurify","docker_dependents_count":3491,"docker_downloads_count":2286374267,"usage_url":"https://repos.ecosyste.ms/usage/npm/dompurify","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/dompurify/dependencies","status":null,"funding_links":["https://github.com/sponsors/cure53"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/dompurify/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/dompurify/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/dompurify/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/dompurify/related_packages","maintainers":[{"uuid":"cure53","login":"cure53","name":null,"email":"mario@cure53.de","url":null,"packages_count":1,"html_url":"https://www.npmjs.com/~cure53","role":null,"created_at":"2022-11-10T11:33:15.214Z","updated_at":"2022-11-10T11:33:15.214Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/cure53/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5005316,"maintainers_count":1012639,"namespaces_count":295318,"keywords_count":699769,"github":"npm","metadata":{"funded_packages_count":150180},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-05T05:52:15.849Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":3316,"unique_repositories_count_past_30_days":275,"recent_issues":[{"uuid":"4672641961","node_id":"PR_kwDOSnpDf87m7EVi","number":105,"state":"open","title":"chore(deps): Bump dompurify from 3.4.8 to 3.4.9","user":"dependabot[bot]","labels":["area/ci","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T08:56:48.000Z","updated_at":"2026-06-16T08:57:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/OpenLatch/saferskills/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/OpenLatch/saferskills/pull/105","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenLatch%2Fsaferskills/issues/105","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/105/packages"},{"uuid":"4671758737","node_id":"PR_kwDOABZUws7m4LhF","number":5634,"state":"open","title":"Bump dompurify from 3.4.8 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T06:46:17.000Z","updated_at":"2026-06-16T06:46:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xwiki/xwiki-platform/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/xwiki/xwiki-platform/pull/5634","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xwiki%2Fxwiki-platform/issues/5634","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5634/packages"},{"uuid":"4671670095","node_id":"PR_kwDOH9by-c7m35aZ","number":1087,"state":"open","title":"deps: bump dompurify from 3.4.0 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T06:30:11.000Z","updated_at":"2026-06-16T06:37:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps","packages":[{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.0 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.0\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/City-of-Helsinki/events-helsinki-monorepo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/City-of-Helsinki/events-helsinki-monorepo/pull/1087","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/City-of-Helsinki%2Fevents-helsinki-monorepo/issues/1087","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1087/packages"},{"uuid":"4671373272","node_id":"PR_kwDOD6r2i87m29lb","number":9936,"state":"open","title":"chore(deps): bump dompurify and react-admin in /packages/gpt-gateway-admin","user":"dependabot[bot]","labels":["javascript","app:gpt-gateway-admin","dependencies","lib:gpt-gateway-admin"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T05:34:53.000Z","updated_at":"2026-06-16T05:39:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","repository_url":"https://github.com/cure53/DOMPurify","old_version":"2.4.7","new_version":"3.4.10"},{"name":"react-admin","repository_url":"https://github.com/marmelab/react-admin","old_version":"3.19.12","new_version":"5.14.7"}],"path":"/packages/gpt-gateway-admin","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) to 3.4.10 and updates ancestor dependency [react-admin](https://github.com/marmelab/react-admin). These dependencies need to be updated together.\n\nUpdates `dompurify` from 2.4.7 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/2.4.7...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-admin` from 3.19.12 to 5.14.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/releases\"\u003ereact-admin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.14.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eAutocompleteInput\u003c/code\u003e does not open autocomplete options when \u003ccode\u003eshouldRenderSuggestions\u003c/code\u003e returns false (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11263\"\u003e#11263\u003c/a\u003e) (\u003ca href=\"https://github.com/jonathanarnault\"\u003ejonathanarnault\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Fix typos in the \u003ccode\u003eRichTextInput\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11250\"\u003e#11250\u003c/a\u003e) (\u003ca href=\"https://github.com/fengfeng-zi\"\u003efengfeng-zi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[TypeScript] Fix \u003ccode\u003eArrayField\u003c/code\u003e doesn't accept a label prop (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11264\"\u003e#11264\u003c/a\u003e) (\u003ca href=\"https://github.com/fzaninotto\"\u003efzaninotto\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Chore] Add tests to cover \u003ccode\u003eList\u003c/code\u003e empty state with permanent filters (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11235\"\u003e#11235\u003c/a\u003e) (\u003ca href=\"https://github.com/terminalchai\"\u003eterminalchai\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.4 to 5.8.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11260\"\u003e#11260\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump systeminformation from 5.31.1 to 5.31.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11258\"\u003e#11258\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e from 7.29.0 to 7.29.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11256\"\u003e#11256\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11255\"\u003e#11255\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.14 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11253\"\u003e#11253\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.15.0 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11252\"\u003e#11252\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11251\"\u003e#11251\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump dompurify from 3.3.2 to 3.4.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11245\"\u003e#11245\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix possible prototype-polluting assignments in local data providers (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11227\"\u003e#11227\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix duplicate IDs in \u003ccode\u003e\u0026lt;FieldToggle\u0026gt;\u003c/code\u003e when multiple column pickers are present (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11238\"\u003e#11238\u003c/a\u003e) (\u003ca href=\"https://github.com/Yashrajsingh2001\"\u003eYashrajsingh2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incomplete string escaping  in \u003ccode\u003eescapePath\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11226\"\u003e#11226\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e to avoid ReDoS in source detection (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11224\"\u003e#11224\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;RichTextField\u0026gt;\u003c/code\u003e tag-stripping feature is polynomial and does not strip unfinished tags (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11225\"\u003e#11225\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;ArrayInput\u0026gt;\u003c/code\u003e shows validation error on mount when \u003ccode\u003emode=\u0026quot;onChange\u0026quot;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11195\"\u003e#11195\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11240\"\u003e#11240\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.13.6 to 1.15.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11237\"\u003e#11237\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11234\"\u003e#11234\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump defu from 6.1.4 to 6.1.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11230\"\u003e#11230\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11229\"\u003e#11229\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash-es from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11228\"\u003e#11228\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Restrict test workflow token permissions (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11223\"\u003e#11223\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ArrayFieldBase component (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11191\"\u003e#11191\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] Prevent stale nested field values when re-adding items in SimpleFormIterator (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11201\"\u003e#11201\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseCreate\u003c/code\u003e fails to update the cache when \u003ccode\u003eid\u003c/code\u003e equals 0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11199\"\u003e#11199\u003c/a\u003e) (\u003ca href=\"https://github.com/ThieryMichel\"\u003eThieryMichel\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mutation hooks types (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11024\"\u003e#11024\u003c/a\u003e) (\u003ca href=\"https://github.com/djhi\"\u003edjhi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Add ArrayFieldBase headless documentation (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11192\"\u003e#11192\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Fix headless docs build (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11188\"\u003e#11188\u003c/a\u003e) (\u003ca href=\"https://github.com/slax57\"\u003eslax57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 0.1.12 to 0.1.13 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11210\"\u003e#11210\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11206\"\u003e#11206\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump astro from 5.15.9 to 5.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11205\"\u003e#11205\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11203\"\u003e#11203\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump smol-toml from 1.5.2 to 1.6.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11202\"\u003e#11202\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11197\"\u003e#11197\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.8 to 1.15.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11196\"\u003e#11196\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.5 to 1.15.8 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11194\"\u003e#11194\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.3 to 5.6.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11189\"\u003e#11189\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix tar security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11215\"\u003e#11215\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown-it security alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11214\"\u003e#11214\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix minimatch security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11213\"\u003e#11213\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix ejs dependabot alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11211\"\u003e#11211\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix picomatch dependabot alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11212\"\u003e#11212\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/blob/master/CHANGELOG.md\"\u003ereact-admin's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.14.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eAutocompleteInput\u003c/code\u003e does not open autocomplete options when \u003ccode\u003eshouldRenderSuggestions\u003c/code\u003e returns false (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11263\"\u003e#11263\u003c/a\u003e) (\u003ca href=\"https://github.com/jonathanarnault\"\u003ejonathanarnault\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Fix typos in the \u003ccode\u003eRichTextInput\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11250\"\u003e#11250\u003c/a\u003e) (\u003ca href=\"https://github.com/fengfeng-zi\"\u003efengfeng-zi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[TypeScript] Fix \u003ccode\u003eArrayField\u003c/code\u003e doesn't accept a label prop (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11264\"\u003e#11264\u003c/a\u003e) (\u003ca href=\"https://github.com/fzaninotto\"\u003efzaninotto\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Chore] Add tests to cover \u003ccode\u003eList\u003c/code\u003e empty state with permanent filters (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11235\"\u003e#11235\u003c/a\u003e) (\u003ca href=\"https://github.com/terminalchai\"\u003eterminalchai\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.4 to 5.8.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11260\"\u003e#11260\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump systeminformation from 5.31.1 to 5.31.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11258\"\u003e#11258\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e from 7.29.0 to 7.29.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11256\"\u003e#11256\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11255\"\u003e#11255\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.14 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11253\"\u003e#11253\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.15.0 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11252\"\u003e#11252\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11251\"\u003e#11251\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump dompurify from 3.3.2 to 3.4.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11245\"\u003e#11245\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix possible prototype-polluting assignments in local data providers (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11227\"\u003e#11227\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix duplicate IDs in \u003ccode\u003e\u0026lt;FieldToggle\u0026gt;\u003c/code\u003e when multiple column pickers are present (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11238\"\u003e#11238\u003c/a\u003e) (\u003ca href=\"https://github.com/Yashrajsingh2001\"\u003eYashrajsingh2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incomplete string escaping  in \u003ccode\u003eescapePath\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11226\"\u003e#11226\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e to avoid ReDoS in source detection (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11224\"\u003e#11224\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;RichTextField\u0026gt;\u003c/code\u003e tag-stripping feature is polynomial and does not strip unfinished tags (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11225\"\u003e#11225\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;ArrayInput\u0026gt;\u003c/code\u003e shows validation error on mount when \u003ccode\u003emode=\u0026quot;onChange\u0026quot;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11195\"\u003e#11195\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11240\"\u003e#11240\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.13.6 to 1.15.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11237\"\u003e#11237\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11234\"\u003e#11234\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump defu from 6.1.4 to 6.1.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11230\"\u003e#11230\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11229\"\u003e#11229\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash-es from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11228\"\u003e#11228\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Restrict test workflow token permissions (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11223\"\u003e#11223\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ArrayFieldBase component (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11191\"\u003e#11191\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] Prevent stale nested field values when re-adding items in SimpleFormIterator (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11201\"\u003e#11201\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseCreate\u003c/code\u003e fails to update the cache when \u003ccode\u003eid\u003c/code\u003e equals 0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11199\"\u003e#11199\u003c/a\u003e) (\u003ca href=\"https://github.com/ThieryMichel\"\u003eThieryMichel\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mutation hooks types (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11024\"\u003e#11024\u003c/a\u003e) (\u003ca href=\"https://github.com/djhi\"\u003edjhi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Add ArrayFieldBase headless documentation (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11192\"\u003e#11192\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Fix headless docs build (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11188\"\u003e#11188\u003c/a\u003e) (\u003ca href=\"https://github.com/slax57\"\u003eslax57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 0.1.12 to 0.1.13 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11210\"\u003e#11210\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11206\"\u003e#11206\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump astro from 5.15.9 to 5.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11205\"\u003e#11205\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11203\"\u003e#11203\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump smol-toml from 1.5.2 to 1.6.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11202\"\u003e#11202\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11197\"\u003e#11197\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.8 to 1.15.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11196\"\u003e#11196\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.5 to 1.15.8 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11194\"\u003e#11194\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.3 to 5.6.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11189\"\u003e#11189\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix tar security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11215\"\u003e#11215\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown-it security alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11214\"\u003e#11214\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eUpgrade guide\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/Upgrade.md\"\u003ereact-admin's upgrade guide\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003chr /\u003e\n\u003ch2\u003elayout: default\ntitle: \u0026quot;Upgrading to v5\u0026quot;\u003c/h2\u003e\n\u003ch1\u003eUpgrading to v5\u003c/h1\u003e\n\u003cp\u003eReact-admin v5 mostly focuses on removing deprecated features and upgrading dependencies. This makes the upgrade process easier than previous versions. However, there are still some breaking changes you should be aware of.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ie11-is-no-longer-supported\"\u003eIE11 Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#dependencies\"\u003eDependencies\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#react-18\"\u003eReact 18\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#use-tanstackreact-query-instead-of-react-query\"\u003eUse @​tanstack/react-query instead of react-query\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#minor-dependencies\"\u003eMinor Dependencies\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ui-changes\"\u003eUI Changes\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#inputs-have-full-width-by-default\"\u003eInputs Have Full Width By Default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#links-are-now-underlined-by-default\"\u003eLinks are now underlined by default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#dark-theme-is-available-by-default\"\u003eDark Theme Is Available By Default\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#data-provider\"\u003eData Provider\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ra-data-graphql-and-ra-data-graphql-simple-no-longer-return-a-promise\"\u003e\u003ccode\u003era-data-graphql\u003c/code\u003e And \u003ccode\u003era-data-graphql-simple\u003c/code\u003e No Longer Return A Promise\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#application-root--layout\"\u003eApplication Root \u0026amp; Layout\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#admin-menu-is-no-longer-supported\"\u003e\u003ccode\u003e\u0026lt;Admin menu\u0026gt;\u003c/code\u003e Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#admin-history-prop-was-removed\"\u003e\u003ccode\u003e\u0026lt;Admin history\u0026gt;\u003c/code\u003e Prop Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#historyrouter-was-removed\"\u003e\u003ccode\u003e\u0026lt;HistoryRouter\u0026gt;\u003c/code\u003e Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-layout-no-longer-receives-props\"\u003eCustom Layout No Longer Receives Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-app-bars-no-longer-receive-props\"\u003eCustom App Bars No Longer Receive Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-menu-no-longer-receive-props\"\u003eCustom Menu No Longer Receive Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-error-page-no-longer-receives-title\"\u003eCustom Error Page No Longer Receives Title\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-catch-all-no-longer-receives-title\"\u003eCustom Catch All No Longer Receives Title\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-components\"\u003eList Components\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-components-can-no-longer-be-used-in-standalone\"\u003eList Components Can No Longer Be Used In Standalone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-hascreate-is-no-longer-supported\"\u003e\u003ccode\u003e\u0026lt;List hasCreate\u0026gt;\u003c/code\u003e Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-rowclick-is-no-longer-false-by-default\"\u003e\u003ccode\u003e\u0026lt;Datagrid rowClick\u0026gt;\u003c/code\u003e is no longer false by default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-expand-components-no-longer-receive-any-props\"\u003e\u003ccode\u003e\u0026lt;Datagrid expand\u0026gt;\u003c/code\u003e Components No Longer Receive Any Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-in-standalone-requires-a-resource-prop\"\u003e\u003ccode\u003e\u0026lt;Datagrid\u0026gt;\u003c/code\u003e In Standalone Requires a \u003ccode\u003eresource\u003c/code\u003e Prop\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#setfilters-is-no-longer-debounced-by-default\"\u003esetFilters Is No Longer Debounced By Default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#updates-to-bulkactionbuttons-syntax\"\u003eUpdates to bulkActionButtons Syntax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#paginationlimit-component-was-removed\"\u003e\u003ccode\u003e\u0026lt;PaginationLimit\u0026gt;\u003c/code\u003e Component Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagridbody-no-longer-provides-record-prop-to-datagridrow\"\u003e\u003ccode\u003e\u0026lt;DatagridBody\u0026gt;\u003c/code\u003e No Longer Provides record Prop To \u003ccode\u003e\u0026lt;DatagridRow\u0026gt;\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#userecordselection-props-have-changed\"\u003e\u003ccode\u003euseRecordSelection\u003c/code\u003e Props have changed\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#show-and-edit-pages\"\u003eShow and Edit Pages\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-edit-or-show-actions-no-longer-receive-any-props\"\u003eCustom Edit or Show Actions No Longer Receive Any Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#inputs-default-ids-are-auto-generated\"\u003eInputs default ids are auto-generated\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#simpleformiterator-no-longer-clones-its-buttons\"\u003e\u003ccode\u003e\u0026lt;SimpleFormIterator\u0026gt;\u003c/code\u003e No Longer Clones Its Buttons\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#simpleformiterator-no-longer-clones-its-children\"\u003e\u003ccode\u003e\u0026lt;SimpleFormIterator\u0026gt;\u003c/code\u003e no longer clones its children\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#formdataconsumer-no-longer-passes-a-getsource-function\"\u003e\u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e no longer passes a getSource function\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#mutation-middlewares-no-longer-receive-the-mutation-options\"\u003eMutation Middlewares No Longer Receive The Mutation Options\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#warnwhenunsavedchanges-changes\"\u003e\u003ccode\u003ewarnWhenUnsavedChanges\u003c/code\u003e Changes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#global-server-side-validation-error-message-must-be-passed-via-the-rootservererror-key\"\u003eGlobal Server Side Validation Error Message Must Be Passed Via The \u003ccode\u003eroot.serverError\u003c/code\u003e Key\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#input-components\"\u003eInput Components\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/93ff911afc5415e5e196baf5591380c322253708\"\u003e\u003ccode\u003e93ff911\u003c/code\u003e\u003c/a\u003e Update changelog for version 5.14.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/898d81bb6adcf1a424f8ad918e67a7d188f39236\"\u003e\u003ccode\u003e898d81b\u003c/code\u003e\u003c/a\u003e v5.14.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/6e0c663e5654c9d7b5c08fca01b4de6ce537a1be\"\u003e\u003ccode\u003e6e0c663\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11263\"\u003e#11263\u003c/a\u003e from marmelab/fix/3166-autocomplete-suggestions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/cb320e2bb817c11d617622c2a19f0c8ad83494bc\"\u003e\u003ccode\u003ecb320e2\u003c/code\u003e\u003c/a\u003e Apply review\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/588e54f25254adc0f8263bfd98511ce4732083b5\"\u003e\u003ccode\u003e588e54f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11258\"\u003e#11258\u003c/a\u003e from marmelab/dependabot/npm_and_yarn/systeminforma...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/b197442116e45b283a67d7631c137a2f2284e4cb\"\u003e\u003ccode\u003eb197442\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11264\"\u003e#11264\u003c/a\u003e from marmelab/fix-array-field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/26471199eb7134485a0f10f2406f8dcb9c7ac322\"\u003e\u003ccode\u003e2647119\u003c/code\u003e\u003c/a\u003e [typeScript] Fix ArrayField doesn't accept a label prop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/9be13cbe0bbf68ee0a8f0a087be204500a2bd910\"\u003e\u003ccode\u003e9be13cb\u003c/code\u003e\u003c/a\u003e Fix(AutocompleteInput): do not open autocomplete options when shouldRenderSug...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/ba76aad10d9d5d14fb734546656e7cfc70a94c31\"\u003e\u003ccode\u003eba76aad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11260\"\u003e#11260\u003c/a\u003e from marmelab/dependabot/npm_and_yarn/devalue-5.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/c94506e05368ab37a1e76438e2a1da3c25a00e7e\"\u003e\u003ccode\u003ec94506e\u003c/code\u003e\u003c/a\u003e Bump devalue from 5.6.4 to 5.8.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/marmelab/react-admin/compare/v3.19.12...v5.14.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/amplication/amplication/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/amplication/amplication/pull/9936","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/amplication%2Famplication/issues/9936","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9936/packages"},{"uuid":"4671017587","node_id":"PR_kwDOPIYMXs7m10pF","number":760,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T04:18:14.000Z","updated_at":"2026-06-16T04:18:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"vite","old_version":"7.3.2","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"},{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"form-data","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"form-data","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/form-data/form-data"},{"name":"nodemailer","old_version":"8.0.5","new_version":"8.0.9","repository_url":"https://github.com/nodemailer/nodemailer"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the /DevElevate/Client directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [dompurify](https://github.com/cure53/DOMPurify), [form-data](https://github.com/form-data/form-data) and [js-yaml](https://github.com/nodeca/js-yaml).\nBumps the npm_and_yarn group with 2 updates in the /DevElevate/Server directory: [form-data](https://github.com/form-data/form-data) and [nodemailer](https://github.com/nodemailer/nodemailer).\n\nUpdates `vite` from 7.3.2 to 8.0.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.14/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.13/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.12/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.11/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.10/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.9/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.8/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ecreate-vite@8.0.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.3/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ecreate-vite@8.0.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.2/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.15...v8.0.16\"\u003e8.0.16\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e50b9512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003edc245c7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.14...v8.0.15\"\u003e8.0.15\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esend 408 on request timeout (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22476\"\u003e#22476\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c85c9eeb9aaf41f477b48b057146887bd5620797\"\u003ec85c9ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22538\"\u003e#22538\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e646dbed\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecapitalize error messages and remove spurious space in parse error (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22488\"\u003e#22488\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e85a0eff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22511\"\u003e#22511\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e2686d7d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e fix html-proxy cache key mismatch for /@fs/ HTML paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21762\"\u003e#21762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/47c4213f134f562c41ed7c031e4788510cf7e31e\"\u003e47c4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e error on relative glob in virtual module when no files match (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22497\"\u003e#22497\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5c8e98f8b584ac5d42f0f9b8580c49792213b13c\"\u003e5c8e98f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e close the rolldown bundle when write() rejects (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22528\"\u003e#22528\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003ee3cfb9d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eresolve:\u003c/strong\u003e provide onWarn for viteResolvePlugin in JS plugin containers (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22509\"\u003e#22509\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/40985f1c09b7696e594e6c5695fbc315d2da2c83\"\u003e40985f1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22566\"\u003e#22566\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e3052a67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecorrect logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22562\"\u003e#22562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e6978a9c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.13...v8.0.14\"\u003e8.0.14\u003c/a\u003e (2026-05-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate rolldown to 1.0.2 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22484\"\u003e#22484\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/96efc88570b6a6ddf1a910f106920cbac07b3cf0\"\u003e96efc88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22471\"\u003e#22471\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/98b81632139d51820f82036e58d6fbbf122b77b3\"\u003e98b8163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e handle errors when sending messages to vite server (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22450\"\u003e#22450\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e8e9a34dcf2540139de558a10187630884d10217\"\u003ee8e9a34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehtml:\u003c/strong\u003e handle trailing slash paths in transformIndexHtml (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22480\"\u003e#22480\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5d94d1bffdb2a15de9341194d89baec86ce1f693\"\u003e5d94d1b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e pass oxc jsx options to transformSync in dependency scan                                                            (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22342\"\u003e#22342\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b3132dacea9c6e0cf526cd9f0f09d850f577c262\"\u003eb3132da\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22470\"\u003e#22470\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7cb728eb629cc677661f1bc52a044ffc0b87fc7f\"\u003e7cb728e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove irrelevant commits from changelog (\u003ca href=\"https://github.com/vitejs/vite/commit/2c69495f250edf01132d4a20128de19dbe836086\"\u003e2c69495\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e do not rewrite import path for absolute base (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22310\"\u003e#22310\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ae2844ab6d6d1ccf78a2975b8132769fc35b302\"\u003e0ae2844\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f94df87ff03b40b65e29bacdc04cc18c7bccaa4a\"\u003e\u003ccode\u003ef94df87\u003c/code\u003e\u003c/a\u003e release: v8.0.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003e\u003ccode\u003edc245c7\u003c/code\u003e\u003c/a\u003e fix: reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e\u003ccode\u003e50b9512\u003c/code\u003e\u003c/a\u003e fix(deps): reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8d1b0195fd186d0b3297d7cd17acff6c96797420\"\u003e\u003ccode\u003e8d1b019\u003c/code\u003e\u003c/a\u003e release: v8.0.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e\u003ccode\u003e2686d7d\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22511\"\u003e#22511\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e\u003ccode\u003e3052a67\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22566\"\u003e#22566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003e\u003ccode\u003ee3cfb9d\u003c/code\u003e\u003c/a\u003e fix(optimizer): close the rolldown bundle when write() rejects (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22528\"\u003e#22528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e\u003ccode\u003e6978a9c\u003c/code\u003e\u003c/a\u003e refactor: correct logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22562\"\u003e#22562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e\u003ccode\u003e646dbed\u003c/code\u003e\u003c/a\u003e feat: update rolldown to 1.0.3 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22538\"\u003e#22538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e\u003ccode\u003e85a0eff\u003c/code\u003e\u003c/a\u003e fix: capitalize error messages and remove spurious space in parse error (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22488\"\u003e#22488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v8.0.16/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.0 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ev4.0.6\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435\"\u003e\u003ccode\u003e64190db\u003c/code\u003e\u003c/a\u003e v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ev4.0.6\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435\"\u003e\u003ccode\u003e64190db\u003c/code\u003e\u003c/a\u003e v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.5 to 8.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.8...v8.0.9\"\u003e8.0.9\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etwo pending security advisories (jsonTransport access bypass, List-* CRLF injection) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1820\"\u003e#1820\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e5f69497\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.6...v8.0.7\"\u003e8.0.7\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekeep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e66d4ecb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.6\"\u003e8.0.6\u003c/a\u003e (2026-04-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erestore base64 wrap() trim behavior to prevent trailing CRLF (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1810\"\u003e#1810\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1811\"\u003e#1811\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b1ae6c1c2927240737d9f68f316f0c84042b8adb\"\u003eb1ae6c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.8...v8.0.9\"\u003e8.0.9\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etwo pending security advisories (jsonTransport access bypass, List-* CRLF injection) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1820\"\u003e#1820\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e5f69497\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.6...v8.0.7\"\u003e8.0.7\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekeep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e66d4ecb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.6\"\u003e8.0.6\u003c/a\u003e (2026-04-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erestore base64 wrap() trim behavior to prevent trailing CRLF (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1810\"\u003e#1810\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1811\"\u003e#1811\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b1ae6c1c2927240737d9f68f316f0c84042b8adb\"\u003eb1ae6c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/07303cb0cb34b97b44856f5de3eff212b63e4567\"\u003e\u003ccode\u003e07303cb\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.9 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1821\"\u003e#1821\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e\u003ccode\u003e5f69497\u003c/code\u003e\u003c/a\u003e fix: two pending security advisories (jsonTransport access bypass, List-* CRL...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/15138a84c543c20aa399218534cdbbfa2ea1ce55\"\u003e\u003ccode\u003e15138a8\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.8 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1819\"\u003e#1819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e\u003ccode\u003e850bb91\u003c/code\u003e\u003c/a\u003e fix: four listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e\u003ccode\u003e833d6e5\u003c/code\u003e\u003c/a\u003e fix: enforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/1997040e23e5df901b8ee085ae3fc1fdbdd06f9f\"\u003e\u003ccode\u003e1997040\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.7 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1815\"\u003e#1815\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9b9c545dcfae3b884d5b92bf3196e674066e8b3e\"\u003e\u003ccode\u003e9b9c545\u003c/code\u003e\u003c/a\u003e chore: drop nodemailer-ntlm-auth devDependency (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1816\"\u003e#1816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/22bf90cf111f02b7a0271494d85b48adcc8ab0a1\"\u003e\u003ccode\u003e22bf90c\u003c/code\u003e\u003c/a\u003e Bumped dev deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e\u003ccode\u003e66d4ecb\u003c/code\u003e\u003c/a\u003e fix: keep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/6a4a01e1c94a469d8dc56cc858ea5beb80e1f9b8\"\u003e\u003ccode\u003e6a4a01e\u003c/code\u003e\u003c/a\u003e Fix/base64 wrap trailing crlf (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1813\"\u003e#1813\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/abhisek2004/Dev-Elevate/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/abhisek2004/Dev-Elevate/pull/760","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisek2004%2FDev-Elevate/issues/760","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/760/packages"},{"uuid":"4670045357","node_id":"PR_kwDOSDVEus7mytpy","number":83,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 14 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-16T00:46:37.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-16T00:46:23.000Z","updated_at":"2026-06-16T00:46:46.000Z","time_to_close":14,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":14,"packages":[{"name":"@grpc/grpc-js","old_version":"1.8.22","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"axios","old_version":"0.30.3","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.13.6","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"liquidjs","old_version":"10.25.1","new_version":"10.26.0","repository_url":"https://github.com/harttle/liquidjs"},{"name":"protobufjs","old_version":"7.2.6","new_version":"7.6.3","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"dompurify","old_version":"3.3.3","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"fast-xml-parser","old_version":"5.2.5","new_version":"5.7.3","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"esbuild","old_version":"0.21.5","new_version":"removed","repository_url":"https://github.com/evanw/esbuild"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"ip-address","old_version":"10.1.0","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.8.22` | `1.14.4` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [axios](https://github.com/axios/axios) | `0.30.3` | `1.18.0` |\n| [axios](https://github.com/axios/axios) | `1.13.6` | `1.18.0` |\n| [liquidjs](https://github.com/harttle/liquidjs) | `10.25.1` | `10.26.0` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.2.6` | `7.6.3` |\n| [qs](https://github.com/ljharb/qs) | `6.14.2` | `6.15.2` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.3` | `3.4.9` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.2.5` | `5.7.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `removed` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `10.1.0` | `10.2.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\n\nUpdates `@grpc/grpc-js` from 1.8.22 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSend halfClose immediately after messages to prevent late halfClose issues with Envoy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3031\"\u003e#3031\u003c/a\u003e contributed by \u003ca href=\"https://github.com/serkanerip\"\u003e\u003ccode\u003e@​serkanerip\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix server keep alive timeout not properly destroying connections (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3022\"\u003e#3022\u003c/a\u003e contributed by \u003ca href=\"https://github.com/mattias-wiberg\"\u003e\u003ccode\u003e@​mattias-wiberg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regression of the settings used internally for HTTP/2 sessions (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3023\"\u003e#3023\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js-xds\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement RBAC support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A41-xds-rbac.md\"\u003egRFC A41\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2939\"\u003e#2939\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2945\"\u003e#2945\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eweighted_round_robin\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3001\"\u003e#3001\u003c/a\u003e) (currently experimental, enabled by the environment variable \u003ccode\u003eGRPC_EXPERIMENTAL_XDS_WRR_LB\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ewrr_locality\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3003\"\u003e#3003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003egetAuthContext\u003c/code\u003e method to client and server call classes (more details can be found in \u003ca href=\"https://github.com/grpc/proposal/blob/master/L35-node-getAuthContext.md\"\u003egRFC L35\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2920\"\u003e#2920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement custom backend metrics support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A51-custom-backend-metrics.md\"\u003egRFC A51\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2978\"\u003e#2978\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2983\"\u003e#2983\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2985\"\u003e#2985\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2986\"\u003e#2986\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2999\"\u003e#2999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egetConnectionInfo\u003c/code\u003e method to the \u003ccode\u003eServerInterceptingCall\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2922\"\u003e#2922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement the \u003ccode\u003eweighted_round_robin\u003c/code\u003e load balancing policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2998\"\u003e#2998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix jitter behavior for client retries (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2960\"\u003e#2960\u003c/a\u003e contributed by \u003ca href=\"https://github.com/ekscentrysytet\"\u003e\u003ccode\u003e@​ekscentrysytet\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStart connecting from a random index in the \u003ccode\u003eround_robin\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2979\"\u003e#2979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSend connection-level WINDOW_UPDATE at session start (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2971\"\u003e#2971\u003c/a\u003e contributed by \u003ca href=\"https://github.com/KoenRijpstra\"\u003e\u003ccode\u003e@​KoenRijpstra\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eExperimental API Changes\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eCHANNEL_ARGS_CONFIG_SELECTOR_KEY\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eStatusOr\u0026lt;T\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCallStream\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromError\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModified:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResolverListener#onSuccessfulResolution\u003c/code\u003e now has the signature \u003ccode\u003e(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;, attributes: { [key: string]: unknown }, serviceConfig: StatusOr\u0026lt;ServiceConfig\u0026gt; | null, resolutionNote: string): boolean\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLoadBalancer#updateAddressList\u003c/code\u003e now has the signature `updateAddressList(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ability to set SNI with \u003ccode\u003essl_target_name_override\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2956\"\u003e#2956\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ccd29b27d28ce8937f8250f72e5e6027ed5af09a\"\u003e\u003ccode\u003eccd29b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3032\"\u003e#3032\u003c/a\u003e from murgatroid99/grpc-js_retry_half_close_1.14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.22...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSend halfClose immediately after messages to prevent late halfClose issues with Envoy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3031\"\u003e#3031\u003c/a\u003e contributed by \u003ca href=\"https://github.com/serkanerip\"\u003e\u003ccode\u003e@​serkanerip\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix server keep alive timeout not properly destroying connections (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3022\"\u003e#3022\u003c/a\u003e contributed by \u003ca href=\"https://github.com/mattias-wiberg\"\u003e\u003ccode\u003e@​mattias-wiberg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regression of the settings used internally for HTTP/2 sessions (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3023\"\u003e#3023\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js-xds\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement RBAC support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A41-xds-rbac.md\"\u003egRFC A41\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2939\"\u003e#2939\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2945\"\u003e#2945\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eweighted_round_robin\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3001\"\u003e#3001\u003c/a\u003e) (currently experimental, enabled by the environment variable \u003ccode\u003eGRPC_EXPERIMENTAL_XDS_WRR_LB\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ewrr_locality\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3003\"\u003e#3003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003egetAuthContext\u003c/code\u003e method to client and server call classes (more details can be found in \u003ca href=\"https://github.com/grpc/proposal/blob/master/L35-node-getAuthContext.md\"\u003egRFC L35\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2920\"\u003e#2920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement custom backend metrics support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A51-custom-backend-metrics.md\"\u003egRFC A51\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2978\"\u003e#2978\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2983\"\u003e#2983\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2985\"\u003e#2985\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2986\"\u003e#2986\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2999\"\u003e#2999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egetConnectionInfo\u003c/code\u003e method to the \u003ccode\u003eServerInterceptingCall\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2922\"\u003e#2922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement the \u003ccode\u003eweighted_round_robin\u003c/code\u003e load balancing policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2998\"\u003e#2998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix jitter behavior for client retries (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2960\"\u003e#2960\u003c/a\u003e contributed by \u003ca href=\"https://github.com/ekscentrysytet\"\u003e\u003ccode\u003e@​ekscentrysytet\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStart connecting from a random index in the \u003ccode\u003eround_robin\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2979\"\u003e#2979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSend connection-level WINDOW_UPDATE at session start (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2971\"\u003e#2971\u003c/a\u003e contributed by \u003ca href=\"https://github.com/KoenRijpstra\"\u003e\u003ccode\u003e@​KoenRijpstra\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eExperimental API Changes\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eCHANNEL_ARGS_CONFIG_SELECTOR_KEY\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eStatusOr\u0026lt;T\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCallStream\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromError\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModified:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResolverListener#onSuccessfulResolution\u003c/code\u003e now has the signature \u003ccode\u003e(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;, attributes: { [key: string]: unknown }, serviceConfig: StatusOr\u0026lt;ServiceConfig\u0026gt; | null, resolutionNote: string): boolean\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLoadBalancer#updateAddressList\u003c/code\u003e now has the signature `updateAddressList(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ability to set SNI with \u003ccode\u003essl_target_name_override\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2956\"\u003e#2956\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ccd29b27d28ce8937f8250f72e5e6027ed5af09a\"\u003e\u003ccode\u003eccd29b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3032\"\u003e#3032\u003c/a\u003e from murgatroid99/grpc-js_retry_half_close_1.14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.22...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.30.3 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `liquidjs` from 10.25.1 to 10.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/harttle/liquidjs/releases\"\u003eliquidjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.26.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.7...v10.26.0\"\u003e10.26.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edate:\u003c/strong\u003e cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e3129d46\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e5b9c346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epropagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003edbbf628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e457fae0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estrip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e26ea285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estrip_html:\u003c/strong\u003e rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e3616a74\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e1c816d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.6...v10.25.7\"\u003e10.25.7\u003c/a\u003e (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efilters:\u003c/strong\u003e support Buffer input in base64_encode to prevent binary data corruption (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/881\"\u003e#881\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/0ee6dbb511aa926f6d490293282060abf3bab37f\"\u003e0ee6dbb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.5...v10.25.6\"\u003e10.25.6\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enested block for layout (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e2311dfd6e82f73509308aa8a3a1fafc92e226f0\"\u003ee2311df\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5\"\u003e10.25.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce root containment for renderFile/parseFile lookups (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04\"\u003ef41c1fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enull date should return empty (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/868\"\u003e#868\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8\"\u003e4f9a499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erounding negative away from zero when half (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/873\"\u003e#873\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f\"\u003e1cdf10b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4\"\u003e10.25.4\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md\"\u003eliquidjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.7...v10.26.0\"\u003e10.26.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edate:\u003c/strong\u003e cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e3129d46\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e5b9c346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epropagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003edbbf628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e457fae0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estrip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e26ea285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estrip_html:\u003c/strong\u003e rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e3616a74\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e1c816d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.6...v10.25.7\"\u003e10.25.7\u003c/a\u003e (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efilters:\u003c/strong\u003e support Buffer input in base64_encode to prevent binary data corruption (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/881\"\u003e#881\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/0ee6dbb511aa926f6d490293282060abf3bab37f\"\u003e0ee6dbb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.5...v10.25.6\"\u003e10.25.6\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enested block for layout (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e2311dfd6e82f73509308aa8a3a1fafc92e226f0\"\u003ee2311df\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5\"\u003e10.25.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce root containment for renderFile/parseFile lookups (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04\"\u003ef41c1fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enull date should return empty (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/868\"\u003e#868\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8\"\u003e4f9a499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erounding negative away from zero when half (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/873\"\u003e#873\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f\"\u003e1cdf10b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4\"\u003e10.25.4\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esort and sort_natural filters bypass ownPropertyOnly (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e743da0020d34e2ee547e1cc1a86b58377ebe1ce\"\u003ee743da0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.2...v10.25.3\"\u003e10.25.3\u003c/a\u003e (2026-04-06)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/c20c0af02d33e8d2ca6b08925eadca8755257c39\"\u003e\u003ccode\u003ec20c0af\u003c/code\u003e\u003c/a\u003e chore(release): 10.26.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e\u003ccode\u003e457fae0\u003c/code\u003e\u003c/a\u003e fix(security): block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e\u003ccode\u003e3616a74\u003c/code\u003e\u003c/a\u003e fix(strip_html): rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e\u003ccode\u003e3129d46\u003c/code\u003e\u003c/a\u003e fix(date): cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e\u003ccode\u003e5b9c346\u003c/code\u003e\u003c/a\u003e fix: enforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003e\u003ccode\u003edbbf628\u003c/code\u003e\u003c/a\u003e fix: propagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e\u003ccode\u003e26ea285\u003c/code\u003e\u003c/a\u003e fix: strip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/a55f543f49aea8f769e680b0d115aa903952efd0\"\u003e\u003ccode\u003ea55f543\u003c/code\u003e\u003c/a\u003e docs(readme): add Freshet to Who's Using LiquidJS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/d1d517d1eca66fff546beb98131e8254d6eccad1\"\u003e\u003ccode\u003ed1d517d\u003c/code\u003e\u003c/a\u003e docs: add VladimirFilonov as a contributor for code (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/891\"\u003e#891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e\u003ccode\u003e1c816d4\u003c/code\u003e\u003c/a\u003e feat: add sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.1...v10.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.2.6 to 7.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.2...protobufjs-v7.6.3\"\u003e7.6.3\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid name collisions in generated code (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2311\"\u003e#2311\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/78a9576269a5b590c54686a8122e78e28135cd50\"\u003e78a9576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve null conversion behavior for fieldless messages (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2312\"\u003e#2312\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/df91652aa5cb1ee0204566252df85cbe752298a6\"\u003edf91652\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.1...protobufjs-v7.6.2\"\u003e7.6.2\u003c/a\u003e (2026-05-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport consistency and correctness fixes (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2294\"\u003e#2294\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a92f72e1cb731f06040a7917d3e041666d5f5601\"\u003ea92f72e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.3/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.2...protobufjs-v7.6.3\"\u003e7.6.3\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid name collisions in generated code (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2311\"\u003e#2311\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/78a9576269a5b590c54686a8122e78e28135cd50\"\u003e78a9576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve null conversion behavior for fieldless messages (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2312\"\u003e#2312\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/df91652aa5cb1ee0204566252df85cbe752298a6\"\u003edf91652\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.1...protobufjs-v7.6.2\"\u003e7.6.2\u003c/a\u003e (2026-05-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport consistency and correctness fixes (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2294\"\u003e#2294\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a92f72e1cb731f06040a7917d3e041666d5f5601\"\u003ea92f72e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned ...\n\n_Description has been truncated_","html_url":"https://github.com/lhy8888/uptime/pull/83","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhy8888%2Fuptime/issues/83","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/83/packages"},{"uuid":"4669835393","node_id":"PR_kwDORTfhNM7myCHG","number":1,"state":"open","title":"build(deps): bump the npm_and_yarn group across 2 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:58:26.000Z","updated_at":"2026-06-15T23:59:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"dompurify","old_version":"3.3.1","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"vite","old_version":"7.3.1","new_version":"7.3.5","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"4.0.18","new_version":"4.1.0","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@whiskeysockets/baileys","old_version":"7.0.0-rc.9","new_version":"7.0.0-rc12","repository_url":"https://github.com/WhiskeySockets/Baileys"},{"name":"markdown-it","old_version":"14.1.1","new_version":"14.2.0","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"tar","old_version":"7.5.9","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /ui directory: [dompurify](https://github.com/cure53/DOMPurify), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).\nBumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.1` | `3.4.9` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.5` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.0` |\n| [@whiskeysockets/baileys](https://github.com/WhiskeySockets/Baileys) | `7.0.0-rc.9` | `7.0.0-rc12` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.1` | `14.2.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.9` | `7.5.16` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n\n\nUpdates `dompurify` from 3.3.1 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.5\"\u003e7.3.5\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip v7.3.4 release (\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e8a6a0c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.4\"\u003e7.3.4\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/077945cb60df372a52cf999b6e532ba70fac7423\"\u003e\u003ccode\u003e077945c\u003c/code\u003e\u003c/a\u003e release: v7.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e\u003ccode\u003e8a6a0c9\u003c/code\u003e\u003c/a\u003e chore: skip v7.3.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e\u003ccode\u003e8c18556\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22574\"\u003e#22574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003e\u003ccode\u003ef20d64b\u003c/code\u003e\u003c/a\u003e fix(deps): backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.5/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.0.18 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cp\u003eVitest 4.1 is out!\u003c/p\u003e\n\u003cp\u003eThis release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our \u003ca href=\"https://vitest.dev/blog/vitest-4-1\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReturn a disposable from doMock()  -  by \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9332\"\u003evitest-dev/vitest#9332\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e3e659a96\"\u003e\u003c!-- raw HTML omitted --\u003e(e3e65)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded chai style assertions  -  by \u003ca href=\"https://github.com/ronnakamoto\"\u003e\u003ccode\u003e@​ronnakamoto\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8842\"\u003evitest-dev/vitest#8842\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/841df9ac5\"\u003e\u003c!-- raw HTML omitted --\u003e(841df)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to sinon/fake-timers v15 and add \u003ccode\u003esetTickMode\u003c/code\u003e to timer controls  -  by \u003ca href=\"https://github.com/atscott\"\u003e\u003ccode\u003e@​atscott\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8726\"\u003evitest-dev/vitest#8726\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4b480aaed\"\u003e\u003c!-- raw HTML omitted --\u003e(4b480)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose matcher types  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9448\"\u003evitest-dev/vitest#9448\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e4b913b1\"\u003e\u003c!-- raw HTML omitted --\u003e(3e4b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etoTestSpecification\u003c/code\u003e to reported tasks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9464\"\u003evitest-dev/vitest#9464\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1a4705da9\"\u003e\u003c!-- raw HTML omitted --\u003e(1a470)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow a warning if \u003ccode\u003evi.mock\u003c/code\u003e or \u003ccode\u003evi.hoisted\u003c/code\u003e are declared outside of top level of the module  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9387\"\u003evitest-dev/vitest#9387\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5db54a468\"\u003e\u003c!-- raw HTML omitted --\u003e(5db54)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTrack and display expectedly failed tests (.fails) in UI and CLI  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9476\"\u003evitest-dev/vitest#9476\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/77d75fd34\"\u003e\u003c!-- raw HTML omitted --\u003e(77d75)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport tags  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9478\"\u003evitest-dev/vitest#9478\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/de7c8a521\"\u003e\u003c!-- raw HTML omitted --\u003e(de7c8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003earoundEach\u003c/code\u003e and \u003ccode\u003earoundAll\u003c/code\u003e hooks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9450\"\u003evitest-dev/vitest#9450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2a8cb9dc2\"\u003e\u003c!-- raw HTML omitted --\u003e(2a8cb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize experimental features  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9529\"\u003evitest-dev/vitest#9529\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b5fd2a16a\"\u003e\u003c!-- raw HTML omitted --\u003e(b5fd2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept \u003ccode\u003enew\u003c/code\u003e or \u003ccode\u003eall\u003c/code\u003e in \u003ccode\u003e--update\u003c/code\u003e flag  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9543\"\u003evitest-dev/vitest#9543\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a5acf28a5\"\u003e\u003c!-- raw HTML omitted --\u003e(a5acf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003emeta\u003c/code\u003e in test options  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9535\"\u003evitest-dev/vitest#9535\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7d622e3d1\"\u003e\u003c!-- raw HTML omitted --\u003e(7d622)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport type inference with a new \u003ccode\u003etest.extend\u003c/code\u003e syntax  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9550\"\u003evitest-dev/vitest#9550\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e53854fcc\"\u003e\u003c!-- raw HTML omitted --\u003e(e5385)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport vite 8 beta, fix type issues in the config with different vite versions  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9587\"\u003evitest-dev/vitest#9587\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/990281dfd\"\u003e\u003c!-- raw HTML omitted --\u003e(99028)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd assertion helper to hide internal stack traces  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9594\"\u003evitest-dev/vitest#9594\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/eeb0ae2f8\"\u003e\u003c!-- raw HTML omitted --\u003e(eeb0a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStore failure screenshots using artifacts API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9588\"\u003evitest-dev/vitest#9588\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/24603e3c4\"\u003e\u003c!-- raw HTML omitted --\u003e(24603)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003evitest list\u003c/code\u003e to statically collect tests instead of running files to collect them  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9630\"\u003evitest-dev/vitest#9630\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7a8e7fc20\"\u003e\u003c!-- raw HTML omitted --\u003e(7a8e7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--detect-async-leaks\u003c/code\u003e  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9528\"\u003evitest-dev/vitest#9528\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c594d4af3\"\u003e\u003c!-- raw HTML omitted --\u003e(c594d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003emockThrow\u003c/code\u003e and \u003ccode\u003emockThrowOnce\u003c/code\u003e  -  by \u003ca href=\"https://github.com/thor-juhasz\"\u003e\u003ccode\u003e@​thor-juhasz\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9512\"\u003evitest-dev/vitest#9512\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/619179fb7\"\u003e\u003c!-- raw HTML omitted --\u003e(61917)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eupdate: \u0026quot;none\u0026quot;\u003c/code\u003e and add docs about snapshots behavior on CI  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9700\"\u003evitest-dev/vitest#9700\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/05f1854e2\"\u003e\u003c!-- raw HTML omitted --\u003e(05f18)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright \u003ccode\u003elaunchOptions\u003c/code\u003e with \u003ccode\u003econnectOptions\u003c/code\u003e  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9702\"\u003evitest-dev/vitest#9702\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f0ff1b2a0\"\u003e\u003c!-- raw HTML omitted --\u003e(f0ff1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epage/locator.mark\u003c/code\u003e API to enhance playwright trace  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9652\"\u003evitest-dev/vitest#9652\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d0ee546fe\"\u003e\u003c!-- raw HTML omitted --\u003e(d0ee5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport tests starting or ending with \u003ccode\u003etest\u003c/code\u003e in \u003ccode\u003eexperimental_parseSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/jgillick\"\u003e\u003ccode\u003e@​jgillick\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eJeremy Gillick\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9235\"\u003evitest-dev/vitest#9235\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2f367fad3\"\u003e\u003c!-- raw HTML omitted --\u003e(2f367)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd filters to \u003ccode\u003ecreateSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9336\"\u003evitest-dev/vitest#9336\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8e6c7fbf\"\u003e\u003c!-- raw HTML omitted --\u003e(c8e6c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose \u003ccode\u003erunTestFiles\u003c/code\u003e as alternative to \u003ccode\u003erunTestSpecifications\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9443\"\u003evitest-dev/vitest#9443\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/43d761821\"\u003e\u003c!-- raw HTML omitted --\u003e(43d76)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9350\"\u003evitest-dev/vitest#9350\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/20e00ef78\"\u003e\u003c!-- raw HTML omitted --\u003e(20e00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing down test cases to \u003ccode\u003etoTestSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9627\"\u003evitest-dev/vitest#9627\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6f17d5ddf\"\u003e\u003c!-- raw HTML omitted --\u003e(6f17d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003euserEvent.wheel\u003c/code\u003e API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9188\"\u003evitest-dev/vitest#9188\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/660801979\"\u003e\u003c!-- raw HTML omitted --\u003e(66080)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efilterNode\u003c/code\u003e option to prettyDOM for filtering browser assertion error output  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9475\"\u003evitest-dev/vitest#9475\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d3220fcd8\"\u003e\u003c!-- raw HTML omitted --\u003e(d3220)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright persistent context  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9229\"\u003evitest-dev/vitest#9229\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f865d2ba4\"\u003e\u003c!-- raw HTML omitted --\u003e(f865d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edetailsPanelPosition\u003c/code\u003e option and button  -  by \u003ca href=\"https://github.com/shairez\"\u003e\u003ccode\u003e@​shairez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9525\"\u003evitest-dev/vitest#9525\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8a31147c\"\u003e\u003c!-- raw HTML omitted --\u003e(c8a31)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse BlazeDiff instead of pixelmatch  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9514\"\u003evitest-dev/vitest#9514\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/309362089\"\u003e\u003c!-- raw HTML omitted --\u003e(30936)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efindElement\u003c/code\u003e and enable strict mode in webdriverio and preview  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9677\"\u003evitest-dev/vitest#9677\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3f37721c\"\u003e\u003c!-- raw HTML omitted --\u003e(c3f37)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/bomb\"\u003e\u003ccode\u003e@​bomb\u003c/code\u003e\u003c/a\u003e.sh/tab completions  -  by \u003ca href=\"https://github.com/AmirSa12\"\u003e\u003ccode\u003e@​AmirSa12\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8639\"\u003evitest-dev/vitest#8639\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/200f31704\"\u003e\u003c!-- raw HTML omitted --\u003e(200f3)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003eignore start/stop\u003c/code\u003e ignore hints  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9204\"\u003evitest-dev/vitest#9204\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e59c94ba6\"\u003e\u003c!-- raw HTML omitted --\u003e(e59c9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecoverage.changed\u003c/code\u003e option to report only changed files  -  by \u003ca href=\"https://github.com/kykim00\"\u003e\u003ccode\u003e@​kykim00\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9521\"\u003evitest-dev/vitest#9521\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d9392c67\"\u003e\u003c!-- raw HTML omitted --\u003e(1d939)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonModuleRunner\u003c/code\u003e hook to \u003ccode\u003eworker.init\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9286\"\u003evitest-dev/vitest#9286\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e977f3deb\"\u003e\u003c!-- raw HTML omitted --\u003e(e977f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOption to disable the module runner  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9210\"\u003evitest-dev/vitest#9210\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9be6121ee\"\u003e\u003c!-- raw HTML omitted --\u003e(9be61)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45\"\u003e\u003ccode\u003e4150b91\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/1de0aa22dd6311a93546a75a3c58a6be519c1baf\"\u003e\u003ccode\u003e1de0aa2\u003c/code\u003e\u003c/a\u003e fix: correctly identify concurrent test during static analysis (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9846\"\u003e#9846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3cac1c1b5a91d921942e9391fbd94841717363f\"\u003e\u003ccode\u003ec3cac1c\u003c/code\u003e\u003c/a\u003e fix: use isAgent check, not just TTY, for watch mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9841\"\u003e#9841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/eab68ba2b8ea6f89717c0b885c573579659d7c3b\"\u003e\u003ccode\u003eeab68ba\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9824\"\u003e#9824\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/031f02a89be34491c441b4da9c4e2bacb7db71df\"\u003e\u003ccode\u003e031f02a\u003c/code\u003e\u003c/a\u003e fix: allow catch/finally for async assertion (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9827\"\u003e#9827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e9e096a231fa0ec6475da82e36cbd6fcc9bc8f9\"\u003e\u003ccode\u003e3e9e096\u003c/code\u003e\u003c/a\u003e feat(reporters): add \u003ccode\u003eagent\u003c/code\u003e reporter to reduce ai agent token usage (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9779\"\u003e#9779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2\"\u003e\u003ccode\u003e0c2c013\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0-beta.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8181e06e765f4d043818b244c76795022fa78ff6\"\u003e\u003ccode\u003e8181e06\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003ehideSkippedTests\u003c/code\u003e should not hide \u003ccode\u003etest.todo\u003c/code\u003e (fix \u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9562\"\u003e#9562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9781\"\u003e#9781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8216b0014b83612e40ef49f919d5293b68717b3\"\u003e\u003ccode\u003ea8216b0\u003c/code\u003e\u003c/a\u003e fix: manual and redirect mock shouldn't \u003ccode\u003eload\u003c/code\u003e or \u003ccode\u003etransform\u003c/code\u003e original module...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50\"\u003e\u003ccode\u003e689a22a\u003c/code\u003e\u003c/a\u003e fix(browser): types of \u003ccode\u003egetCDPSession\u003c/code\u003e and \u003ccode\u003ecdp()\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9716\"\u003e#9716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.1 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.5\"\u003e7.3.5\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip v7.3.4 release (\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e8a6a0c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.4\"\u003e7.3.4\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/077945cb60df372a52cf999b6e532ba70fac7423\"\u003e\u003ccode\u003e077945c\u003c/code\u003e\u003c/a\u003e release: v7.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e\u003ccode\u003e8a6a0c9\u003c/code\u003e\u003c/a\u003e chore: skip v7.3.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e\u003ccode\u003e8c18556\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22574\"\u003e#22574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003e\u003ccode\u003ef20d64b\u003c/code\u003e\u003c/a\u003e fix(deps): backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.5/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.0.18 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cp\u003eVitest 4.1 is out!\u003c/p\u003e\n\u003cp\u003eThis release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our \u003ca href=\"https://vitest.dev/blog/vitest-4-1\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReturn a disposable from doMock()  -  by \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9332\"\u003evitest-dev/vitest#9332\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e3e659a96\"\u003e\u003c!-- raw HTML omitted --\u003e(e3e65)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded chai style assertions  -  by \u003ca href=\"https://github.com/ronnakamoto\"\u003e\u003ccode\u003e@​ronnakamoto\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8842\"\u003evitest-dev/vitest#8842\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/841df9ac5\"\u003e\u003c!-- raw HTML omitted --\u003e(841df)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to sinon/fake-timers v15 and add \u003ccode\u003esetTickMode\u003c/code\u003e to timer controls  -  by \u003ca href=\"https://github.com/atscott\"\u003e\u003ccode\u003e@​atscott\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8726\"\u003evitest-dev/vitest#8726\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4b480aaed\"\u003e\u003c!-- raw HTML omitted --\u003e(4b480)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose matcher types  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9448\"\u003evitest-dev/vitest#9448\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e4b913b1\"\u003e\u003c!-- raw HTML omitted --\u003e(3e4b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etoTestSpecification\u003c/code\u003e to reported tasks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9464\"\u003evitest-dev/vitest#9464\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1a4705da9\"\u003e\u003c!-- raw HTML omitted --\u003e(1a470)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow a warning if \u003ccode\u003evi.mock\u003c/code\u003e or \u003ccode\u003evi.hoisted\u003c/code\u003e are declared outside of top level of the module  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9387\"\u003evitest-dev/vitest#9387\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5db54a468\"\u003e\u003c!-- raw HTML omitted --\u003e(5db54)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTrack and display expectedly failed tests (.fails) in UI and CLI  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9476\"\u003evitest-dev/vitest#9476\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/77d75fd34\"\u003e\u003c!-- raw HTML omitted --\u003e(77d75)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport tags  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9478\"\u003evitest-dev/vitest#9478\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/de7c8a521\"\u003e\u003c!-- raw HTML omitted --\u003e(de7c8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003earoundEach\u003c/code\u003e and \u003ccode\u003earoundAll\u003c/code\u003e hooks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9450\"\u003evitest-dev/vitest#9450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2a8cb9dc2\"\u003e\u003c!-- raw HTML omitted --\u003e(2a8cb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize experimental features  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9529\"\u003evitest-dev/vitest#9529\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b5fd2a16a\"\u003e\u003c!-- raw HTML omitted --\u003e(b5fd2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept \u003ccode\u003enew\u003c/code\u003e or \u003ccode\u003eall\u003c/code\u003e in \u003ccode\u003e--update\u003c/code\u003e flag  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9543\"\u003evitest-dev/vitest#9543\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a5acf28a5\"\u003e\u003c!-- raw HTML omitted --\u003e(a5acf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003emeta\u003c/code\u003e in test options  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9535\"\u003evitest-dev/vitest#9535\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7d622e3d1\"\u003e\u003c!-- raw HTML omitted --\u003e(7d622)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport type inference with a new \u003ccode\u003etest.extend\u003c/code\u003e syntax  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9550\"\u003evitest-dev/vitest#9550\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e53854fcc\"\u003e\u003c!-- raw HTML omitted --\u003e(e5385)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport vite 8 beta, fix type issues in the config with different vite versions  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9587\"\u003evitest-dev/vitest#9587\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/990281dfd\"\u003e\u003c!-- raw HTML omitted --\u003e(99028)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd assertion helper to hide internal stack traces  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9594\"\u003evitest-dev/vitest#9594\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/eeb0ae2f8\"\u003e\u003c!-- raw HTML omitted --\u003e(eeb0a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStore failure screenshots using artifacts API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9588\"\u003evitest-dev/vitest#9588\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/24603e3c4\"\u003e\u003c!-- raw HTML omitted --\u003e(24603)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003evitest list\u003c/code\u003e to statically collect tests instead of running files to collect them  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9630\"\u003evitest-dev/vitest#9630\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7a8e7fc20\"\u003e\u003c!-- raw HTML omitted --\u003e(7a8e7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--detect-async-leaks\u003c/code\u003e  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9528\"\u003evitest-dev/vitest#9528\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c594d4af3\"\u003e\u003c!-- raw HTML omitted --\u003e(c594d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003emockThrow\u003c/code\u003e and \u003ccode\u003emockThrowOnce\u003c/code\u003e  -  by \u003ca href=\"https://github.com/thor-juhasz\"\u003e\u003ccode\u003e@​thor-juhasz\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9512\"\u003evitest-dev/vitest#9512\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/619179fb7\"\u003e\u003c!-- raw HTML omitted --\u003e(61917)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eupdate: \u0026quot;none\u0026quot;\u003c/code\u003e and add docs about snapshots behavior on CI  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9700\"\u003evitest-dev/vitest#9700\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/05f1854e2\"\u003e\u003c!-- raw HTML omitted --\u003e(05f18)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright \u003ccode\u003elaunchOptions\u003c/code\u003e with \u003ccode\u003econnectOptions\u003c/code\u003e  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9702\"\u003evitest-dev/vitest#9702\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f0ff1b2a0\"\u003e\u003c!-- raw HTML omitted --\u003e(f0ff1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epage/locator.mark\u003c/code\u003e API to enhance playwright trace  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9652\"\u003evitest-dev/vitest#9652\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d0ee546fe\"\u003e\u003c!-- raw HTML omitted --\u003e(d0ee5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport tests starting or ending with \u003ccode\u003etest\u003c/code\u003e in \u003ccode\u003eexperimental_parseSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/jgillick\"\u003e\u003ccode\u003e@​jgillick\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eJeremy Gillick\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9235\"\u003evitest-dev/vitest#9235\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2f367fad3\"\u003e\u003c!-- raw HTML omitted --\u003e(2f367)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd filters to \u003ccode\u003ecreateSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9336\"\u003evitest-dev/vitest#9336\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8e6c7fbf\"\u003e\u003c!-- raw HTML omitted --\u003e(c8e6c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose \u003ccode\u003erunTestFiles\u003c/code\u003e as alternative to \u003ccode\u003erunTestSpecifications\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9443\"\u003evitest-dev/vitest#9443\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/43d761821\"\u003e\u003c!-- raw HTML omitted --\u003e(43d76)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9350\"\u003evitest-dev/vitest#9350\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/20e00ef78\"\u003e\u003c!-- raw HTML omitted --\u003e(20e00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing down test cases to \u003ccode\u003etoTestSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9627\"\u003evitest-dev/vitest#9627\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6f17d5ddf\"\u003e\u003c!-- raw HTML omitted --\u003e(6f17d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003euserEvent.wheel\u003c/code\u003e API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9188\"\u003evitest-dev/vitest#9188\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/660801979\"\u003e\u003c!-- raw HTML omitted --\u003e(66080)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efilterNode\u003c/code\u003e option to prettyDOM for filtering browser assertion error output  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9475\"\u003evitest-dev/vitest#9475\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d3220fcd8\"\u003e\u003c!-- raw HTML omitted --\u003e(d3220)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright persistent context  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9229\"\u003evitest-dev/vitest#9229\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f865d2ba4\"\u003e\u003c!-- raw HTML omitted --\u003e(f865d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edetailsPanelPosition\u003c/code\u003e option and button  -  by \u003ca href=\"https://github.com/shairez\"\u003e\u003ccode\u003e@​shairez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9525\"\u003evitest-dev/vitest#9525\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8a31147c\"\u003e\u003c!-- raw HTML omitted --\u003e(c8a31)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse BlazeDiff instead of pixelmatch  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9514\"\u003evitest-dev/vitest#9514\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/309362089\"\u003e\u003c!-- raw HTML omitted --\u003e(30936)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efindElement\u003c/code\u003e and enable strict mode in webdriverio and preview  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9677\"\u003evitest-dev/vitest#9677\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3f37721c\"\u003e\u003c!-- raw HTML omitted --\u003e(c3f37)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/bomb\"\u003e\u003ccode\u003e@​bomb\u003c/code\u003e\u003c/a\u003e.sh/tab completions  -  by \u003ca href=\"https://github.com/AmirSa12\"\u003e\u003ccode\u003e@​AmirSa12\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8639\"\u003evitest-dev/vitest#8639\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/200f31704\"\u003e\u003c!-- raw HTML omitted --\u003e(200f3)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003eignore start/stop\u003c/code\u003e ignore hints  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9204\"\u003evitest-dev/vitest#9204\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e59c94ba6\"\u003e\u003c!-- raw HTML omitted --\u003e(e59c9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecoverage.changed\u003c/code\u003e option to report only changed files  -  by \u003ca href=\"https://github.com/kykim00\"\u003e\u003ccode\u003e@​kykim00\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9521\"\u003evitest-dev/vitest#9521\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d9392c67\"\u003e\u003c!-- raw HTML omitted --\u003e(1d939)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonModuleRunner\u003c/code\u003e hook to \u003ccode\u003eworker.init\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9286\"\u003evitest-dev/vitest#9286\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e977f3deb\"\u003e\u003c!-- raw HTML omitted --\u003e(e977f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOption to disable the module runner  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9210\"\u003evitest-dev/vitest#9210\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9be6121ee\"\u003e\u003c!-- raw HTML omitted --\u003e(9be61)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45\"\u003e\u003ccode\u003e4150b91\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/1de0aa22dd6311a93546a75a3c58a6be519c1baf\"\u003e\u003ccode\u003e1de0aa2\u003c/code\u003e\u003c/a\u003e fix: correctly identify concurrent test during static analysis (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9846\"\u003e#9846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3cac1c1b5a91d921942e9391fbd94841717363f\"\u003e\u003ccode\u003ec3cac1c\u003c/code\u003e\u003c/a\u003e fix: use isAgent check, not just TTY, for watch mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9841\"\u003e#9841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/eab68ba2b8ea6f89717c0b885c573579659d7c3b\"\u003e\u003ccode\u003eeab68ba\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9824\"\u003e#9824\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/031f02a89be34491c441b4da9c4e2bacb7db71df\"\u003e\u003ccode\u003e031f02a\u003c/code\u003e\u003c/a\u003e fix: allow catch/finally for async assertion (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9827\"\u003e#9827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e9e096a231fa0ec6475da82e36cbd6fcc9bc8f9\"\u003e\u003ccode\u003e3e9e096\u003c/code\u003e\u003c/a\u003e feat(reporters): add \u003ccode\u003eagent\u003c/code\u003e reporter to reduce ai agent token usage (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9779\"\u003e#9779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2\"\u003e\u003ccode\u003e0c2c013\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0-beta.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8181e06e765f4d043818b244c76795022fa78ff6\"\u003e\u003ccode\u003e8181e06\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003ehideSkippedTests\u003c/code\u003e should not hide \u003ccode\u003etest.todo\u003c/code\u003e (fix \u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9562\"\u003e#9562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9781\"\u003e#9781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8216b0014b83612e40ef49f919d5293b68717b3\"\u003e\u003ccode\u003ea8216b0\u003c/code\u003e\u003c/a\u003e fix: manual and redirect mock shouldn't \u003ccode\u003eload\u003c/code\u003e or \u003ccode\u003etransform\u003c/code\u003e original module...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50\"\u003e\u003ccode\u003e689a22a\u003c/code\u003e\u003c/a\u003e fix(browser): types of \u003ccode\u003egetCDPSession\u003c/code\u003e and \u003ccode\u003ecdp()\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-d...\n\n_Description has been truncated_","html_url":"https://github.com/WIFER10/openclaw/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WIFER10%2Fopenclaw/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4669757509","node_id":"PR_kwDOJb7SK87mxx7J","number":12089,"state":"open","title":"chore(deps): bump dompurify from 3.4.8 to 3.4.9 in /web","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:42:08.000Z","updated_at":"2026-06-15T23:42:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/web","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/onyx-dot-app/onyx/network/alerts).\n\n\u003c/details\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate `dompurify` to 3.4.9 in `web` for improved Trusted Types handling and more reliable in-place sanitization. No app changes required.\n\n\u003csup\u003eWritten for commit d8099aa5b48258d19b197d50743989b74a233dd3. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/onyx-dot-app/onyx/pull/12089?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/onyx-dot-app/onyx/pull/12089","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fonyx/issues/12089","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12089/packages"},{"uuid":"4669743609","node_id":"PR_kwDOAlosUs7mxvBq","number":41089,"state":"open","title":"chore(deps): bump dompurify from 3.4.8 to 3.4.9 in /superset-frontend","user":"dependabot[bot]","labels":["size/XS","dependabot","npm","javascript","plugins","dependencies:npm","packages"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:39:39.000Z","updated_at":"2026-06-15T23:49:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/superset/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/apache/superset/pull/41089","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fsuperset/issues/41089","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41089/packages"},{"uuid":"4669519980","node_id":"PR_kwDOFoczYs7mxAMQ","number":4062,"state":"open","title":"chore(deps): bump dompurify from 3.4.0 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T22:54:01.000Z","updated_at":"2026-06-15T22:57:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.0 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.0\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GovAlta/ui-components/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/GovAlta/ui-components/pull/4062","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GovAlta%2Fui-components/issues/4062","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4062/packages"},{"uuid":"4669087460","node_id":"PR_kwDOOWxMbM7mvkS2","number":1059,"state":"open","title":"build(deps): bump dompurify from 3.4.8 to 3.4.9 in /docs/operational/reports in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript","ci: passed"],"assignees":["AUo959"],"locked":false,"comments_count":26,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T21:35:38.000Z","updated_at":"2026-06-15T21:50:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/docs/operational/reports in the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /docs/operational/reports directory: [dompurify](https://github.com/cure53/DOMPurify).\n\nUpdates `dompurify` from 3.4.8 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AUo959/aurora-cloudbank-symbolic/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AUo959/aurora-cloudbank-symbolic/pull/1059","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AUo959%2Faurora-cloudbank-symbolic/issues/1059","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1059/packages"},{"uuid":"4668765467","node_id":"PR_kwDOMJdHfs7mufEF","number":1509,"state":"closed","title":"Bump dompurify from 3.4.1 to 3.4.10 in /momentum/website","user":"dependabot[bot]","labels":["CLA Signed","dependencies","Merged","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-15T23:19:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-15T20:44:38.000Z","updated_at":"2026-06-15T23:19:42.000Z","time_to_close":9282,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"dompurify","old_version":"3.4.1","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/momentum/website","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.1 to 3.4.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.1...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.1\u0026new-version=3.4.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebookresearch/momentum/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/facebookresearch/momentum/pull/1509","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/facebookresearch%2Fmomentum/issues/1509","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1509/packages"},{"uuid":"4664212914","node_id":"PR_kwDOSV0BMc7mfWS6","number":103,"state":"open","title":"chore(deps): update dompurify requirement from ^3.3.3 to ^3.4.10 in /superset-frontend/plugins/legacy-preset-chart-nvd3","user":"dependabot[bot]","labels":["dependencies:npm","plugins"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T10:26:24.000Z","updated_at":"2026-06-15T10:26:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): update","packages":[{"name":"dompurify","old_version":"^3.3.3","new_version":"^3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","ecosystem":"npm"},"body":"Updates the requirements on [dompurify](https://github.com/cure53/DOMPurify) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/meh-02/superset/pull/103","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/meh-02%2Fsuperset/issues/103","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/103/packages"},{"uuid":"4663752902","node_id":"PR_kwDOQteRjc7mdz8B","number":323,"state":"closed","title":"chore(deps)(deps): bump the all-minor-patch group in /pages with 5 updates","user":"dependabot[bot]","labels":["dependencies","frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-16T02:24:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-15T09:26:16.000Z","updated_at":"2026-06-16T02:24:57.000Z","time_to_close":61120,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"all-minor-patch","update_count":5,"packages":[{"name":"axios","old_version":"1.17.0","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"@types/node","old_version":"25.9.2","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-plugin-react-refresh","old_version":"0.4.26","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"}],"path":"/pages","ecosystem":"npm"},"body":"Bumps the all-minor-patch group in /pages with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.17.0` | `1.18.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.2` | `25.9.3` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.4.26` | `0.5.3` |\n\nUpdates `axios` from 1.17.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.8 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.2 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-hooks` from 7.0.1 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003eeslint-plugin-react-hooks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eeslint-plugin-react-hooks@7.1.1 (April 17, 2026)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e 7.1.0 accidentally removed the \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule, causing errors for users who referenced it in their ESLint config. This is now fixed.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecated no-op \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule for backwards compatibility. (\u003ca href=\"https://github.com/mofeiZ\"\u003e\u003ccode\u003e@​mofeiZ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36307\"\u003e#36307\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eeslint-plugin-react-hooks@7.1.0 (April 16, 2026)\u003c/h2\u003e\n\u003cp\u003eThis release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better \u003ccode\u003eset-state-in-effect\u003c/code\u003e detection, improved ref validation, and more helpful error reporting.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ESLint v10 support. (\u003ca href=\"https://github.com/azat-io\"\u003e\u003ccode\u003e@​azat-io\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35720\"\u003e#35720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip compilation for non-React files to improve performance. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35589\"\u003e#35589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix exhaustive deps bug with Flow type casting. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35691\"\u003e#35691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseEffectEvent\u003c/code\u003e checks in component syntax. (\u003ca href=\"https://github.com/jbrown215\"\u003e\u003ccode\u003e@​jbrown215\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved \u003ccode\u003eset-state-in-effect\u003c/code\u003e validation with fewer false negatives. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35134\"\u003e#35134\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35147\"\u003e#35147\u003c/a\u003e, \u003ca href=\"https://github.com/jackpope\"\u003e\u003ccode\u003e@​jackpope\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35214\"\u003e#35214\u003c/a\u003e, \u003ca href=\"https://github.com/chesnokov-tony\"\u003e\u003ccode\u003e@​chesnokov-tony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35419\"\u003e#35419\u003c/a\u003e, \u003ca href=\"https://github.com/jsleitor\"\u003e\u003ccode\u003e@​jsleitor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36107\"\u003e#36107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved ref validation for non-mutating functions and event handler props. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35893\"\u003e#35893\u003c/a\u003e, \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler now reports all errors instead of stopping at the first. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35873\"\u003e#35873\u003c/a\u003e–\u003ca href=\"https://redirect.github.com/facebook/react/pull/35884\"\u003e#35884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved source locations and error display in compiler diagnostics. (\u003ca href=\"https://github.com/nathanmarks\"\u003e\u003ccode\u003e@​nathanmarks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35348\"\u003e#35348\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/34963\"\u003e#34963\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md\"\u003eeslint-plugin-react-hooks's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e 7.1.0 accidentally removed the \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule, causing errors for users who referenced it in their ESLint config. This is now fixed.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecated no-op \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule for backwards compatibility. (\u003ca href=\"https://github.com/mofeiZ\"\u003e\u003ccode\u003e@​mofeiZ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36307\"\u003e#36307\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1.0\u003c/h2\u003e\n\u003cp\u003eThis release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better \u003ccode\u003eset-state-in-effect\u003c/code\u003e detection, improved ref validation, and more helpful error reporting.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ESLint v10 support. (\u003ca href=\"https://github.com/azat-io\"\u003e\u003ccode\u003e@​azat-io\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35720\"\u003e#35720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip compilation for non-React files to improve performance. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35589\"\u003e#35589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix exhaustive deps bug with Flow type casting. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35691\"\u003e#35691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseEffectEvent\u003c/code\u003e checks in component syntax. (\u003ca href=\"https://github.com/jbrown215\"\u003e\u003ccode\u003e@​jbrown215\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved \u003ccode\u003eset-state-in-effect\u003c/code\u003e validation with fewer false negatives. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35134\"\u003e#35134\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35147\"\u003e#35147\u003c/a\u003e, \u003ca href=\"https://github.com/jackpope\"\u003e\u003ccode\u003e@​jackpope\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35214\"\u003e#35214\u003c/a\u003e, \u003ca href=\"https://github.com/chesnokov-tony\"\u003e\u003ccode\u003e@​chesnokov-tony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35419\"\u003e#35419\u003c/a\u003e, \u003ca href=\"https://github.com/jsleitor\"\u003e\u003ccode\u003e@​jsleitor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36107\"\u003e#36107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved ref validation for non-mutating functions and event handler props. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35893\"\u003e#35893\u003c/a\u003e, \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler now reports all errors instead of stopping at the first. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35873\"\u003e#35873\u003c/a\u003e–\u003ca href=\"https://redirect.github.com/facebook/react/pull/35884\"\u003e#35884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved source locations and error display in compiler diagnostics. (\u003ca href=\"https://github.com/nathanmarks\"\u003e\u003ccode\u003e@​nathanmarks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35348\"\u003e#35348\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/34963\"\u003e#34963\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.1/packages/eslint-plugin-react-hooks\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-refresh` from 0.4.26 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases\"\u003eeslint-plugin-react-refresh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (actually fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark ESLint v10 as supported\u003c/li\u003e\n\u003cli\u003eSupport false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use \u003ca href=\"https://eslint.org/docs/latest/use/configure/migration-guide\"\u003eflat config\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA new \u003ccode\u003ereactRefresh\u003c/code\u003e export is available and prefered over the default export. It's an object with two properties:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplugin\u003c/code\u003e: The plugin object with the rules\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003econfigs\u003c/code\u003e: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecustomHOCs\u003c/code\u003e option was renamed to \u003ccode\u003eextraHOCs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eValidation of HOCs calls is now more strict, you may need to add some HOCs to the \u003ccode\u003eextraHOCs\u003c/code\u003e option (like \u003ccode\u003econnect\u003c/code\u003e or \u003ccode\u003estyled\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConfig example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\r\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\r\n\u003cp\u003eexport default defineConfig(\n/* Main config */\nreactRefresh.configs.vite({ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] }),\n);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eConfig example without config:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\r\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\r\n\u003cp\u003eexport default defineConfig({\nfiles: [\u0026quot;\u003cstrong\u003e/*.ts\u0026quot;, \u0026quot;\u003c/strong\u003e/*.tsx\u0026quot;],\nplugins: {\n// other plugins\n\u0026quot;react-refresh\u0026quot;: reactRefresh.plugin,\n},\nrules: {\n// other rules\n\u0026quot;react-refresh/only-export-components\u0026quot;: [\n\u0026quot;warn\u0026quot;,\n{ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] },\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md\"\u003eeslint-plugin-react-refresh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (actually fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark ESLint v10 as supported\u003c/li\u003e\n\u003cli\u003eSupport false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use \u003ca href=\"https://eslint.org/docs/latest/use/configure/migration-guide\"\u003eflat config\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA new \u003ccode\u003ereactRefresh\u003c/code\u003e export is available and prefered over the default export. It's an object with two properties:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplugin\u003c/code\u003e: The plugin object with the rules\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003econfigs\u003c/code\u003e: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecustomHOCs\u003c/code\u003e option was renamed to \u003ccode\u003eextraHOCs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eValidation of HOCs calls is now more strict, you may need to add some HOCs to the \u003ccode\u003eextraHOCs\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConfig example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\n\u003cp\u003eexport default defineConfig(\n/* Main config */\nreactRefresh.configs.vite({ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] }),\n);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eConfig example without config:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\n\u003cp\u003eexport default defineConfig({\nfiles: [\u0026quot;\u003cstrong\u003e/*.ts\u0026quot;, \u0026quot;\u003c/strong\u003e/*.tsx\u0026quot;],\nplugins: {\n// other plugins\n\u0026quot;react-refresh\u0026quot;: reactRefresh.plugin,\n},\nrules: {\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944\"\u003e\u003ccode\u003e00818e9\u003c/code\u003e\u003c/a\u003e v0.5.3 [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea\"\u003e\u003ccode\u003e202fc4a\u003c/code\u003e\u003c/a\u003e Fix PascalCase class exported via \u003ccode\u003eexport { Name }\u003c/code\u003e incorrectly treated as Re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/c0317bfe447d1f014e5e0bedcdfe77e50343c871\"\u003e\u003ccode\u003ec0317bf\u003c/code\u003e\u003c/a\u003e Fix support for nested function calls for extraHOCs [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/42a1805ef5c18354e7b4cfe9db48891f6e2a00f2\"\u003e\u003ccode\u003e42a1805\u003c/code\u003e\u003c/a\u003e Explicit v10 support (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/106\"\u003e#106\u003c/a\u003e) [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/199793e0d65ef30d24aadf077ed994f582264724\"\u003e\u003ccode\u003e199793e\u003c/code\u003e\u003c/a\u003e Support nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/26b3c1525e7008545dee68b2deb4601802b88ade\"\u003e\u003ccode\u003e26b3c15\u003c/code\u003e\u003c/a\u003e Support false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/daa2efb2a2899ad7e793fc42e01bddbbc132074f\"\u003e\u003ccode\u003edaa2efb\u003c/code\u003e\u003c/a\u003e Revamp logic to catch more cases [publish] (\u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.4.26...v0.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Innovate-To-Grow/Innovate-To-Grow-Website/pull/323","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Innovate-To-Grow%2FInnovate-To-Grow-Website/issues/323","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/323/packages"},{"uuid":"4661955433","node_id":"PR_kwDODK_9xc7mX7Dl","number":1973,"state":"open","title":"chore(deps): bump the minor-and-patch group with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T04:07:46.000Z","updated_at":"2026-06-15T04:08:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":19,"packages":[{"name":"@storybook/addon-docs","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@storybook/addon-links","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@storybook/html-vite","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@types/node","old_version":"24.13.1","new_version":"24.13.2","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/utils","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"eslint","old_version":"10.4.1","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"sass","old_version":"1.100.0","new_version":"1.101.0","repository_url":"https://github.com/sass/dart-sass"},{"name":"storybook","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"style-dictionary","old_version":"5.4.3","new_version":"5.4.4","repository_url":"https://github.com/style-dictionary/style-dictionary"},{"name":"turbo","old_version":"2.9.16","new_version":"2.9.18","repository_url":"https://github.com/vercel/turborepo"},{"name":"typescript-eslint","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@oxc-parser/binding-linux-arm64-gnu","old_version":"0.134.0","new_version":"0.135.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"@oxc-parser/binding-linux-x64-gnu","old_version":"0.134.0","new_version":"0.135.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"postcss","old_version":"8.5.14","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"unocss","old_version":"66.7.0","new_version":"66.7.2","repository_url":"https://github.com/unocss/unocss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 19 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs) | `10.4.2` | `10.4.4` |\n| [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links) | `10.4.2` | `10.4.4` |\n| [@storybook/html-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/html-vite) | `10.4.2` | `10.4.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.13.1` | `24.13.2` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.60.1` | `8.61.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.60.1` | `8.61.0` |\n| [@typescript-eslint/utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/utils) | `8.60.1` | `8.61.0` |\n| [eslint](https://github.com/eslint/eslint) | `10.4.1` | `10.5.0` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [sass](https://github.com/sass/dart-sass) | `1.100.0` | `1.101.0` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `10.4.2` | `10.4.4` |\n| [style-dictionary](https://github.com/style-dictionary/style-dictionary) | `5.4.3` | `5.4.4` |\n| [turbo](https://github.com/vercel/turborepo) | `2.9.16` | `2.9.18` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.60.1` | `8.61.0` |\n| [@oxc-parser/binding-linux-arm64-gnu](https://github.com/oxc-project/oxc/tree/HEAD/napi/parser) | `0.134.0` | `0.135.0` |\n| [@oxc-parser/binding-linux-x64-gnu](https://github.com/oxc-project/oxc/tree/HEAD/napi/parser) | `0.134.0` | `0.135.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` |\n| [unocss](https://github.com/unocss/unocss/tree/HEAD/packages-presets/unocss) | `66.7.0` | `66.7.2` |\n\nUpdates `@storybook/addon-docs` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/addon-docs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/addon-docs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c89882282295be3bc05b3a366916c53d7a499841\"\u003e\u003ccode\u003ec898822\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/34496\"\u003e#34496\u003c/a\u003e from NYCU-Chung/fix/docs-blocks-custom-mdx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c920fd08c79c57879fa2ddb4e8538e1684c71ec2\"\u003e\u003ccode\u003ec920fd0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/35021\"\u003e#35021\u003c/a\u003e from LongTangGithub/fix/docs-hmr-scroll-to-top\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/1750494e9f36748b2d89335e77f23f125fc5ec78\"\u003e\u003ccode\u003e1750494\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/35031\"\u003e#35031\u003c/a\u003e from storybookjs/jeppe/fix-mdx-no-dev-tag\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/addons/docs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@storybook/addon-links` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/addon-links's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/addon-links's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/addons/links\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@storybook/html-vite` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/html-vite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/html-vite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/frameworks/html-vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 24.13.1 to 24.13.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/eslint-plugin` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/eslint-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md\"\u003e@​typescript-eslint/eslint-plugin's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ef1fd28c68b10da2e5b56823da8491f10f2c2b97\"\u003e\u003ccode\u003eef1fd28\u003c/code\u003e\u003c/a\u003e feat(ast-spec): change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12\"\u003e#12\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/eslint-plugin\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/parser` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md\"\u003e@​typescript-eslint/parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for parser to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/parser\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/utils` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/utils/CHANGELOG.md\"\u003e@​typescript-eslint/utils's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for utils to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/utils\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.4.1 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.4.1...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sass` from 1.100.0 to 1.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sass/dart-sass/releases\"\u003esass's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDart Sass 1.101.0\u003c/h2\u003e\n\u003cp\u003eTo install Sass 1.101.0, download one of the packages below and \u003ca href=\"https://katiek2.github.io/path-doc/\"\u003eadd it to your PATH\u003c/a\u003e, or see \u003ca href=\"https://sass-lang.com/install\"\u003ethe Sass website\u003c/a\u003e for full installation instructions.\u003c/p\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePotentially breaking bug fix:\u003c/strong\u003e The Node package importer now properly supports resolving import-only variants of Sass files declared in the \u003ccode\u003eexports\u003c/code\u003e, \u003ccode\u003esass\u003c/code\u003e, and \u003ccode\u003estyle\u003c/code\u003e fields of \u003ccode\u003epackage.json\u003c/code\u003e. Previously, these files were ignored even when loaded via \u003ccode\u003e@import\u003c/code\u003e, so any code relying on loading module-system-only files this way may break.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#11010\"\u003efull changelog\u003c/a\u003e for changes in earlier releases.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sass/dart-sass/blob/main/CHANGELOG.md\"\u003esass's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.101.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePotentially breaking bug fix:\u003c/strong\u003e The Node package importer now properly\nsupports resolving import-only variants of Sass files declared in the\n\u003ccode\u003eexports\u003c/code\u003e, \u003ccode\u003esass\u003c/code\u003e, and \u003ccode\u003estyle\u003c/code\u003e fields of \u003ccode\u003epackage.json\u003c/code\u003e. Previously, these\nfiles were ignored even when loaded via \u003ccode\u003e@import\u003c/code\u003e, so any code relying on\nloading module-system-only files this way may break.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/63b9922f5ddbf34bc742b50949e0ee5c47f4686d\"\u003e\u003ccode\u003e63b9922\u003c/code\u003e\u003c/a\u003e Load import-only files through package.json \u003ccode\u003eexports\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2772\"\u003e#2772\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/c7e9947100e8ffdabfe314a4e342595f2bccff35\"\u003e\u003ccode\u003ec7e9947\u003c/code\u003e\u003c/a\u003e Migrate from bufbuild/buf-setup-action to bufbuild/buf-action (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2773\"\u003e#2773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/7674a4c29d05c844dcffd40a91e7cf2ac216d524\"\u003e\u003ccode\u003e7674a4c\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.13 to 8.5.15 in /pkg/sass-parser (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2774\"\u003e#2774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sass/dart-sass/compare/1.100.0...1.101.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/ce1491d9e4c6d2b42864028fdf57801b855fc573\"\u003e\u003ccode\u003ece1491d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35085\"\u003e#35085\u003c/a\u003e from badams/fix/telemetry-fetch-timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c89882282295be3bc05b3a366916c53d7a499841\"\u003e\u003ccode\u003ec898822\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/34496\"\u003e#34496\u003c/a\u003e from NYCU-Chung/fix/docs-blocks-custom-mdx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c920fd08c79c57879fa2ddb4e8538e1684c71ec2\"\u003e\u003ccode\u003ec920fd0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35021\"\u003e#35021\u003c/a\u003e from LongTangGithub/fix/docs-hmr-scroll-to-top\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/1750494e9f36748b2d89335e77f23f125fc5ec78\"\u003e\u003ccode\u003e1750494\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35031\"\u003e#35031\u003c/a\u003e from storybookjs/jeppe/fix-mdx-no-dev-tag\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `style-dictionary` from 5.4.3 to 5.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/style-dictionary/style-dictionary/releases\"\u003estyle-dictionary's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e23b5e8d: Fix prototype pollution vulnerability in the \u003ccode\u003econvertTokenData\u003c/code\u003e utility function, this was introduced in version \u003ccode\u003e4.3.0\u003c/code\u003e.\nAny token key that includes \u003ccode\u003e__proto__\u003c/code\u003e will be ignored.\nSee \u003ca href=\"https://github.com/style-dictionary/style-dictionary/security/advisories/GHSA-vj5c-m527-mpff\"\u003eSecurity Advisory GHSA-vj5c-m527-mpff\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/style-dictionary/style-dictionary/blob/main/CHANGELOG.md\"\u003estyle-dictionary's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.4.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e23b5e8d: Fix prototype pollution vulnerability in the \u003ccode\u003econvertTokenData\u003c/code\u003e utility function, this was introduced in version \u003ccode\u003e4.3.0\u003c/code\u003e.\nAny token key that includes \u003ccode\u003e__proto__\u003c/code\u003e will be ignored.\nSee \u003ca href=\"https://github.com/style-dictionary/style-dictionary/security/advisories/GHSA-vj5c-m527-mpff\"\u003eSecurity Advisory GHSA-vj5c-m527-mpff\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/style-dictionary/style-dictionary/commit/1c9008813e79f4614d51daefa6118a936d72c281\"\u003e\u003ccode\u003e1c90088\u003c/code\u003e\u003c/a\u003e chore: release (\u003ca href=\"https://redirect.github.com/style-dictionary/style-dictionary/issues/1703\"\u003e#1703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/style-dictionary/style-dictionary/commit/23b5e8dda143441f0d6b8e2b4222e2da98058bc5\"\u003e\u003ccode\u003e23b5e8d\u003c/code\u003e\u003c/a\u003e fix: prototype pollution in convertTokenData utility GHSA-vj5c-m527-mpff (\u003ca href=\"https://redirect.github.com/style-dictionary/style-dictionary/issues/1702\"\u003e#1702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/style-dictionary/style-dictionary/compare/v5.4.3...v5.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `turbo` from 2.9.16 to 2.9.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.18\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.17 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13047\"\u003evercel/turborepo#13047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Fetch version.txt via API in docs alias failure notification by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13050\"\u003evercel/turborepo#13050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden cache archive symlink restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13051\"\u003evercel/turborepo#13051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove web UI mode by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13052\"\u003evercel/turborepo#13052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden query server file access by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13053\"\u003evercel/turborepo#13053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Confine prune patch paths by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13054\"\u003evercel/turborepo#13054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Prevent git argument injection in SCM refs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13055\"\u003evercel/turborepo#13055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Strip special mode bits from cache restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13056\"\u003evercel/turborepo#13056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Contain incremental cache outputs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13057\"\u003evercel/turborepo#13057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(turborepo): Normalize Windows daemon path hash by \u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Preserve vt100 cell byte counts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13058\"\u003evercel/turborepo#13058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Separate artifact signature fields by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13059\"\u003evercel/turborepo#13059\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate OidHash hex buffers by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13060\"\u003evercel/turborepo#13060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Block self-hosted login URLs from attempting to use Vercel's SSO by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13061\"\u003evercel/turborepo#13061\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: Keep non-PTY stdin alive for persistent tasks by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12972\"\u003evercel/turborepo#12972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.16 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12970\"\u003evercel/turborepo#12970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.17-canary.1 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12973\"\u003evercel/turborepo#12973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Add auth HTTP timeouts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12976\"\u003evercel/turborepo#12976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Detect affected root tasks in query by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12977\"\u003evercel/turborepo#12977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Wait for Windows graceful shutdown by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12979\"\u003evercel/turborepo#12979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.17-canary.2 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12980\"\u003evercel/turborepo#12980\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for JSON output fixtures by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12981\"\u003evercel/turborepo#12981\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add Rsbuild examples by \u003ca href=\"https://github.com/Nsttt\"\u003e\u003ccode\u003e@​Nsttt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12942\"\u003evercel/turborepo#12942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for single package dry runs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12982\"\u003evercel/turborepo#12982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip Corepack setup without installs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12983\"\u003evercel/turborepo#12983\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for metadata-only Rust tests by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12985\"\u003evercel/turborepo#12985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip remaining unnecessary fixture installs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12986\"\u003evercel/turborepo#12986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add final hash contract snapshots by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12984\"\u003evercel/turborepo#12984\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim run logging integration matrix by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12987\"\u003evercel/turborepo#12987\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim affected query integration matrix by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12988\"\u003evercel/turborepo#12988\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Narrow Windows integration test group by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12989\"\u003evercel/turborepo#12989\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim task dependency integration coverage by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12990\"\u003evercel/turborepo#12990\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim affected integration coverage by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12991\"\u003evercel/turborepo#12991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Collapse integration test matrices by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12992\"\u003evercel/turborepo#12992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3bdce3277d2e61cdbf29f244a515dd4b896d2556\"\u003e\u003ccode\u003e3bdce32\u003c/code\u003e\u003c/a\u003e publish 2.9.18 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/2a76556b9457c514fa597a09fef23da2e1250c8c\"\u003e\u003ccode\u003e2a76556\u003c/code\u003e\u003c/a\u003e fix: Block self-hosted login URLs from attempting to use Vercel's SSO (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13061\"\u003e#13061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/da8e3487acce10039425180c42875d7ccc484ed5\"\u003e\u003ccode\u003eda8e348\u003c/code\u003e\u003c/a\u003e fix: Validate OidHash hex buffers (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13060\"\u003e#13060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3018717c28fc8f1ecffa2c92e3260be0dc0165aa\"\u003e\u003ccode\u003e3018717\u003c/code\u003e\u003c/a\u003e fix: Separate artifact signature fields (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13059\"\u003e#13059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/34514e278822ccbe3a083730b7032709ef16f85c\"\u003e\u003ccode\u003e34514e2\u003c/code\u003e\u003c/a\u003e fix: Preserve vt100 cell byte counts (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13058\"\u003e#13058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/24e2d3498f54fa1f8b729f18764f63cb05072bc6\"\u003e\u003ccode\u003e24e2d34\u003c/code\u003e\u003c/a\u003e fix(turborepo): Normalize Windows daemon path hash (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13020\"\u003e#13020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/16dc881cabf5c13d02c27a5d7cfdfeb60736206c\"\u003e\u003ccode\u003e16dc881\u003c/code\u003e\u003c/a\u003e fix: Contain incremental cache outputs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13057\"\u003e#13057\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/92e1f8e5365ea5a95e47c3698deb2f7adaa55eba\"\u003e\u003ccode\u003e92e1f8e\u003c/code\u003e\u003c/a\u003e fix: Strip special mode bits from cache restore (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13056\"\u003e#13056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/f46f896ef414823582131304c9749e9be011fe37\"\u003e\u003ccode\u003ef46f896\u003c/code\u003e\u003c/a\u003e fix: Prevent git argument injection in SCM refs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13055\"\u003e#13055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/7f353ca3a6f28fbbcce931aeab7be0efe718c466\"\u003e\u003ccode\u003e7f353ca\u003c/code\u003e\u003c/a\u003e fix: Confine prune patch paths (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13054\"\u003e#13054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.16...v2.9.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@oxc-parser/binding-linux-arm64-gnu` from 0.134.0 to 0.135.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/oxc-project/oxc/releases\"\u003e@​oxc-parser/binding-linux-arm64-gnu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eoxc crates_v0.135.0\u003c/h2\u003e\n\u003ch3\u003e💥 BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eee4dc73 ast: [\u003cstrong\u003eBREAKING\u003c/strong\u003e] Add \u003ccode\u003e#[non_exhaustive]\u003c/code\u003e to AST nodes (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23046\"\u003e#23046\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003cli\u003e4c35362 ast: [\u003cstrong\u003eBREAKING\u003c/strong\u003e] Add \u003ccode\u003eAstBuilder::template_element_escape_raw\u003c/code\u003e and \u003ccode\u003etemplate_element_escape_raw_with_lone_surrogates\u003c/code\u003e methods (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23047\"\u003e#23047\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb846ab2 react_compiler: Integrate the Rust port of the React Compiler (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22942\"\u003e#22942\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e5b8dd68 parser: Report TS1255 for invalid class definite assertions (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22917\"\u003e#22917\u003c/a\u003e) (camc314)\u003c/li\u003e\n\u003cli\u003e85efabf semantic: Make building the class table optional, off by default (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22862\"\u003e#22862\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e556acdc codegen: Parenthesize TS-cast assignment targets (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23112\"\u003e#23112\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e37169ff codegen: Don't emit space between postfix \u003ccode\u003e--\u003c/code\u003e and \u003ccode\u003e\u0026gt;\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23036\"\u003e#23036\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ea4b1bf7 codegen: Drop redundant whitespace in minified TypeScript output (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23038\"\u003e#23038\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ecf53285 parser: Report reserved type-declaration names in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23035\"\u003e#23035\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e4e44969 ast: Fix UB in \u003ccode\u003eescape_template_element_raw\u003c/code\u003e (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23052\"\u003e#23052\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003cli\u003ec543154 parser: Report comma operator in JSX expression in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23030\"\u003e#23030\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e325c94f codegen: Tighten conditional-type and constructor-type whitespace when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23033\"\u003e#23033\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e95dd3a2 parser: Report \u003ccode\u003eimport type\u003c/code\u003e alias to a non-external reference in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23032\"\u003e#23032\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e90180b8 codegen: Drop space after \u003ccode\u003e:\u003c/code\u003e in function return type when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23028\"\u003e#23028\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e6da876e parser: Report \u003ccode\u003eabstract\u003c/code\u003e private class field in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23029\"\u003e#23029\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e28467ce codegen: Don't emit space before a postfix update operand when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23027\"\u003e#23027\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ecb29926 codegen: Drop redundant space after \u003ccode\u003eexport default\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23024\"\u003e#23024\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e62965ae codegen: Drop redundant space after \u003ccode\u003eelse\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23025\"\u003e#23025\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e989230a parser: Report compound assignment to non-simple target in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23022\"\u003e#23022\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e06f367c parser: Report \u003ccode\u003esuper.#field\u003c/code\u003e private access in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23014\"\u003e#23014\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e184edef codegen: Print space before \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003edeclare\u003c/code\u003e enum modifier (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23013\"\u003e#23013\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e4d722e0 parser: Report duplicate switch \u003ccode\u003edefault\u003c/code\u003e clause in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23012\"\u003e#23012\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e597ed85 codegen: Parenthesize \u003ccode\u003elet\u003c/code\u003e/\u003ccode\u003easync\u003c/code\u003e for-of head target (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23008\"\u003e#23008\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e8b631bf codegen: Remove stray space before mapped type value colon (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23010\"\u003e#23010\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ec08407e codegen: Don't over-parenthesize \u003ccode\u003ein\u003c/code\u003e inside an arrow in a for-init (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23009\"\u003e#23009\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e600cd6f codegen: Parenthesize lower-precedence \u003ccode\u003eTSInstantiationExpression\u003c/code\u003e operand (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23007\"\u003e#23007\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e187e1a5 codegen: Don't leak space after comment-only JSX expression container (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23006\"\u003e#23006\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e294c473 codegen: Don't over-parenthesize \u003ccode\u003eTSTypeAssertion\u003c/code\u003e operand (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23004\"\u003e#23004\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e786d96f codegen: Give \u003ccode\u003eTSTypeAssertion\u003c/code\u003e unary precedence (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23002\"\u003e#23002\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e1295882 parser: Report \u003ccode\u003enew.target\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e syntax errors in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23003\"\u003e#23003\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ed727b6b codegen: Parenthesize \u003ccode\u003eawait\u003c/code\u003e expression as base of \u003ccode\u003e**\u003c/code\u003e (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23001\"\u003e#23001\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e67dfa08 codegen: Keep parentheses around \u003ccode\u003enew\u003c/code\u003e callees containing a call (\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/baloise/design-system/pull/1973","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/baloise%2Fdesign-system/issues/1973","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1973/packages"},{"uuid":"4661818257","node_id":"PR_kwDOQx7g0c7mXetm","number":8436,"state":"open","title":"chore(deps): Bump dompurify from 3.4.7 to 3.4.10 in /aragora/live","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T03:35:58.000Z","updated_at":"2026-06-15T13:51:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","packages":[{"name":"dompurify","old_version":"3.4.7","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/aragora/live","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.7 to 3.4.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.7...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.7\u0026new-version=3.4.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/synaptent/aragora/pull/8436","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/synaptent%2Faragora/issues/8436","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8436/packages"},{"uuid":"4661746210","node_id":"PR_kwDOSzORUs7mXQL7","number":12,"state":"open","title":"deps(frontend): bump the patch-and-minor group across 1 directory with 17 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T03:14:54.000Z","updated_at":"2026-06-15T03:14:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(frontend): bump","group_name":"patch-and-minor","update_count":17,"packages":[{"name":"@sentry/react","old_version":"10.53.1","new_version":"10.57.0","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"axios","old_version":"1.16.1","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"docx","old_version":"9.6.1","new_version":"9.7.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"dompurify","old_version":"3.4.3","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"lucide-react","old_version":"1.16.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-big-calendar","old_version":"1.19.4","new_version":"1.20.0","repository_url":"https://github.com/bigcalendar/react-big-calendar"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-router-dom","old_version":"7.15.1","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@tailwindcss/vite","old_version":"4.3.0","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@vitest/coverage-v8","old_version":"4.1.6","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"}],"path":null,"ecosystem":"npm"},"body":"Bumps the patch-and-minor group with 15 updates in the /frontend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@sentry/react](https://github.com/getsentry/sentry-javascript) | `10.53.1` | `10.57.0` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [docx](https://github.com/dolanmiu/docx) | `9.6.1` | `9.7.1` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.3` | `3.4.10` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.16.0` | `1.18.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-big-calendar](https://github.com/bigcalendar/react-big-calendar) | `1.19.4` | `1.20.0` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.15.1` | `7.17.0` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.0` | `4.3.1` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.6` | `4.1.8` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n\n\nUpdates `@sentry/react` from 10.53.1 to 10.57.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/releases\"\u003e@​sentry/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.57.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(angular): Add support for Angular 22 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21330\"\u003e#21330\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e@sentry/angular\u003c/code\u003e now officially supports Angular 22.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eref(core): Deprecate \u003ccode\u003esendDefaultPii\u003c/code\u003e in favor of \u003ccode\u003edataCollection\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21277\"\u003e#21277\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esendDefaultPii\u003c/code\u003e is deprecated and will be removed in v11. The new \u003ccode\u003edataCollection\u003c/code\u003e option lets you control each category of collected data.\n\u003ccode\u003esendDefaultPii: true\u003c/code\u003e still works and maps to enabling all \u003ccode\u003edataCollection\u003c/code\u003e categories.\n\u003ccode\u003edataCollection.userInfo\u003c/code\u003e defaults to \u003ccode\u003etrue\u003c/code\u003e when \u003ccode\u003edataCollection\u003c/code\u003e is provided, meaning auto-populated \u003ccode\u003euser.*\u003c/code\u003e fields (e.g. IP address from a request) are collected by default.\nData you set explicitly (like via \u003ccode\u003eSentry.setUser()\u003c/code\u003e) is always sent regardless.\nWhen \u003ccode\u003edataCollection\u003c/code\u003e is not set at all, the legacy \u003ccode\u003esendDefaultPii\u003c/code\u003e behavior applies (\u003ccode\u003euserInfo: false\u003c/code\u003e by default) to preserve backward compatibility.\u003c/p\u003e\n\u003cp\u003eNote that an empty \u003ccode\u003edataCollection: {}\u003c/code\u003e falls back to more permissive defaults than \u003ccode\u003esendDefaultPii: false\u003c/code\u003e, so replicate the old behavior by opting out explicitly:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eSentry.init({\n  dataCollection: {\n    userInfo: false,\n    genAI: { inputs: false, outputs: false },\n    httpBodies: [],\n    httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n  },\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Use \u003ccode\u003edataCollection.frameContextLines\u003c/code\u003e for ContextLines integration (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21323\"\u003e#21323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(cloudflare): Auto instrument D1 based on env (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21276\"\u003e#21276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Change default of \u003ccode\u003edataCollection.userInfo\u003c/code\u003e to \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21348\"\u003e#21348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Default \u003ccode\u003edataCollection.httpBodies\u003c/code\u003e to all valid body types (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21352\"\u003e#21352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Use \u003ccode\u003esafeDateNow\u003c/code\u003e calls for \u003ccode\u003enew Date()\u003c/code\u003e reads (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21351\"\u003e#21351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(nextjs): Shim \u003ccode\u003epinoIntegration\u003c/code\u003e on edge runtime (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21347\"\u003e#21347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node): Prevent PostgresJs integration from emitting duplicate spans per query (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Read \u003ccode\u003e__SENTRY_SERVER_MODULES__\u003c/code\u003e lazily so Turbopack injection is honored (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21339\"\u003e#21339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21326\"\u003e#21326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Remove unused \u003ccode\u003ereact.componentStack\u003c/code\u003e event context (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replays): Record \u003ccode\u003esentry._internal.replay_is_buffering\u003c/code\u003e for spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21297\"\u003e#21297\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore: Bump volta node version from 20.19.2 to 20.19.5 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21359\"\u003e#21359\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md\"\u003e@​sentry/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.57.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(angular): Add support for Angular 22 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21330\"\u003e#21330\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e@sentry/angular\u003c/code\u003e now officially supports Angular 22.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eref(core): Deprecate \u003ccode\u003esendDefaultPii\u003c/code\u003e in favor of \u003ccode\u003edataCollection\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21277\"\u003e#21277\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esendDefaultPii\u003c/code\u003e is deprecated and will be removed in v11. The new \u003ccode\u003edataCollection\u003c/code\u003e option lets you control each category of collected data.\n\u003ccode\u003esendDefaultPii: true\u003c/code\u003e still works and maps to enabling all \u003ccode\u003edataCollection\u003c/code\u003e categories.\n\u003ccode\u003edataCollection.userInfo\u003c/code\u003e defaults to \u003ccode\u003etrue\u003c/code\u003e when \u003ccode\u003edataCollection\u003c/code\u003e is provided, meaning auto-populated \u003ccode\u003euser.*\u003c/code\u003e fields (e.g. IP address from a request) are collected by default.\nData you set explicitly (like via \u003ccode\u003eSentry.setUser()\u003c/code\u003e) is always sent regardless.\nWhen \u003ccode\u003edataCollection\u003c/code\u003e is not set at all, the legacy \u003ccode\u003esendDefaultPii\u003c/code\u003e behavior applies (\u003ccode\u003euserInfo: false\u003c/code\u003e by default) to preserve backward compatibility.\u003c/p\u003e\n\u003cp\u003eNote that an empty \u003ccode\u003edataCollection: {}\u003c/code\u003e falls back to more permissive defaults than \u003ccode\u003esendDefaultPii: false\u003c/code\u003e, so replicate the old behavior by opting out explicitly:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eSentry.init({\n  dataCollection: {\n    userInfo: false,\n    genAI: { inputs: false, outputs: false },\n    httpBodies: [],\n    httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n  },\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Use \u003ccode\u003edataCollection.frameContextLines\u003c/code\u003e for ContextLines integration (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21323\"\u003e#21323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(cloudflare): Auto instrument D1 based on env (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21276\"\u003e#21276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Change default of \u003ccode\u003edataCollection.userInfo\u003c/code\u003e to \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21348\"\u003e#21348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Default \u003ccode\u003edataCollection.httpBodies\u003c/code\u003e to all valid body types (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21352\"\u003e#21352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Use \u003ccode\u003esafeDateNow\u003c/code\u003e calls for \u003ccode\u003enew Date()\u003c/code\u003e reads (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21351\"\u003e#21351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(nextjs): Shim \u003ccode\u003epinoIntegration\u003c/code\u003e on edge runtime (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21347\"\u003e#21347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node): Prevent PostgresJs integration from emitting duplicate spans per query (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Read \u003ccode\u003e__SENTRY_SERVER_MODULES__\u003c/code\u003e lazily so Turbopack injection is honored (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21339\"\u003e#21339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21326\"\u003e#21326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Remove unused \u003ccode\u003ereact.componentStack\u003c/code\u003e event context (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replays): Record \u003ccode\u003esentry._internal.replay_is_buffering\u003c/code\u003e for spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21297\"\u003e#21297\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/950cf9756532c871a448710addba6fefb397828a\"\u003e\u003ccode\u003e950cf97\u003c/code\u003e\u003c/a\u003e release: 10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/55f9343e356723234304ffe012abc43b297cbb9f\"\u003e\u003ccode\u003e55f9343\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21369\"\u003e#21369\u003c/a\u003e from getsentry/prepare-release/10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/88d9d30362681c60f9a0f9a6f048e149cda32f29\"\u003e\u003ccode\u003e88d9d30\u003c/code\u003e\u003c/a\u003e meta(changelog): Update changelog for 10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/03ffd2525c2c7763524c7620968a58528f1b4307\"\u003e\u003ccode\u003e03ffd25\u003c/code\u003e\u003c/a\u003e fix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/7c19ead1ddd35906500d43b8a43c9b22a0a3a890\"\u003e\u003ccode\u003e7c19ead\u003c/code\u003e\u003c/a\u003e ref(node): Streamline sql-common (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21360\"\u003e#21360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/95df562e1f36a5ffc35c17f2a5358325f385fb7b\"\u003e\u003ccode\u003e95df562\u003c/code\u003e\u003c/a\u003e feat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/92eb5d209542fddd568965cc2fb35d55892200dc\"\u003e\u003ccode\u003e92eb5d2\u003c/code\u003e\u003c/a\u003e feat(deps): Bump hono from 4.12.18 to 4.12.21 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21341\"\u003e#21341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/c6f790bf8d46cd0529529a1788d2af863ec1df6b\"\u003e\u003ccode\u003ec6f790b\u003c/code\u003e\u003c/a\u003e fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/d64534903f34fe4f2c7a0876b3b8481aeff1f858\"\u003e\u003ccode\u003ed645349\u003c/code\u003e\u003c/a\u003e ref(node): Streamline lru-memoizer instrumentation (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21350\"\u003e#21350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/4293015f67d2042ce6bd92e7fede4edd1cb2869c\"\u003e\u003ccode\u003e4293015\u003c/code\u003e\u003c/a\u003e feat(deps): Bump \u003ccode\u003e@​types/aws-lambda\u003c/code\u003e from 8.10.150 to 8.10.161 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21105\"\u003e#21105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/getsentry/sentry-javascript/compare/10.53.1...10.57.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `date-fns` from 4.1.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/date-fns/date-fns/releases\"\u003edate-fns's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003cp\u003eThis release revisits the approach to CDN usage and introduces a new package, \u003ccode\u003e@date-fns/cdn\u003c/code\u003e and deprecates the \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts. It allowed reducing the zipped package size from \u003ccode\u003e5.83 MB\u003c/code\u003e down to \u003ccode\u003e3.96 MB\u003c/code\u003e without introducing any breaking changes.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003ev5.0.0-alpha.0\u003c/code\u003e where CDN scripts are completely removed from \u003ccode\u003edate-fns\u003c/code\u003e the change is more significant and brings the zipped package size down to \u003ccode\u003e2.89 MB\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIt is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDEPRECATED\u003c/strong\u003e: The \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package for CDN usage.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved CDN source maps to reduce the package size. If you rely on them, please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package that still includes them.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cp\u003eKudos to \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e for their contributions.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFixed missing modularized optimization fallback (\u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003efor Next.js and others\u003c/a\u003e). See \u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003e#4193\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ept\u003c/code\u003e locale first day of week to be Sunday. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4195\"\u003e#4195\u003c/a\u003e by \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ezh-CN\u003c/code\u003e, \u003ccode\u003ezh-HK\u003c/code\u003e, and \u003ccode\u003ezh-TW\u003c/code\u003e locale month parsing for October, November, and December. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4194\"\u003e#4194\u003c/a\u003e by \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release in all senses, it only includes documentation updates (first of many) that points to the new \u003ca href=\"https://date-fns.org/you-dont-need-date-fns\"\u003eYou Don't Need date-fns*\u003c/a\u003e page.\u003c/p\u003e\n\u003cp\u003e* Not really\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Temporal API references to the JSDoc annotations of \u003ccode\u003eadd\u003c/code\u003e, \u003ccode\u003eaddBusinessDays\u003c/code\u003e, and \u003ccode\u003eaddDays\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/cd53d2538cfa318404eff7ade6449b49bf34562e\"\u003e\u003ccode\u003ecd53d25\u003c/code\u003e\u003c/a\u003e Promote to v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/d948ec151d395096de8a45fbcd9b1e79c26fda25\"\u003e\u003ccode\u003ed948ec1\u003c/code\u003e\u003c/a\u003e Preserve but deprecate CDN versions for v4, set up v5 with polyfills\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/ee65753cfc5d73cc9acd43aaa8012b3b233ddf32\"\u003e\u003ccode\u003eee65753\u003c/code\u003e\u003c/a\u003e Add root \u003ccode\u003emise :format\u003c/code\u003e task\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/9f5bdf5d5a944772aa9668c4fa6567d89ca01fa9\"\u003e\u003ccode\u003e9f5bdf5\u003c/code\u003e\u003c/a\u003e Add positional argument to \u003ccode\u003etest/smoke.sh\u003c/code\u003e script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/651ead6faf331515814803faf457f5b9db7c9729\"\u003e\u003ccode\u003e651ead6\u003c/code\u003e\u003c/a\u003e Split CDN bundles into separate \u003ccode\u003e@​date-fns/cdn\u003c/code\u003e package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/224c1a209967dad359a2c2adc9a5b0ef72e4fe7b\"\u003e\u003ccode\u003e224c1a2\u003c/code\u003e\u003c/a\u003e Deprecate type tests as attw hangs on date-fns package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/7bb2842dac3d579f84b2de62f015335fb3ac734a\"\u003e\u003ccode\u003e7bb2842\u003c/code\u003e\u003c/a\u003e Switch \u003ccode\u003ePACKAGE_OUTPUT_PATH\u003c/code\u003e to \u003ccode\u003e--dist\u003c/code\u003e flag in the package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/b6ad5acc5ab0b40777a2695ec074c2ffcd982763\"\u003e\u003ccode\u003eb6ad5ac\u003c/code\u003e\u003c/a\u003e Add flags to control package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/424a783de1fd974bcdbe907c9c5eb5154e9db29f\"\u003e\u003ccode\u003e424a783\u003c/code\u003e\u003c/a\u003e Fix docs release after moving to monorepo setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/f95bcf18b53e6832b2c575c24c98654a24f52699\"\u003e\u003ccode\u003ef95bcf1\u003c/code\u003e\u003c/a\u003e (docs): Add missing \u003ccode\u003etsx\u003c/code\u003e dependency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/date-fns/date-fns/compare/v4.1.0...v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docx` from 9.6.1 to 9.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dolanmiu/docx/releases\"\u003edocx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump nanoid from 5.1.7 to 5.1.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3436\"\u003edolanmiu/docx#3436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.3.2 to 13.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3437\"\u003edolanmiu/docx#3437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump prettier from 3.8.1 to 3.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3438\"\u003edolanmiu/docx#3438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jiti from 2.6.1 to 2.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3439\"\u003edolanmiu/docx#3439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsx from 4.21.0 to 4.22.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3440\"\u003edolanmiu/docx#3440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-jsdoc from 62.8.0 to 63.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3441\"\u003edolanmiu/docx#3441\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cspell from 9.7.0 to 10.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3442\"\u003edolanmiu/docx#3442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the npm_and_yarn group across 1 directory with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3435\"\u003edolanmiu/docx#3435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-functional from 9.0.4 to 9.0.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3445\"\u003edolanmiu/docx#3445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.5.0 to 25.9.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3446\"\u003edolanmiu/docx#3446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3447\"\u003edolanmiu/docx#3447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3448\"\u003edolanmiu/docx#3448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 29.0.1 to 29.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3449\"\u003edolanmiu/docx#3449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.4.3 to 14.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3451\"\u003edolanmiu/docx#3451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typedoc from 0.28.18 to 0.28.19 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3452\"\u003edolanmiu/docx#3452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3450\"\u003edolanmiu/docx#3450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3454\"\u003edolanmiu/docx#3454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/bundle types issue by \u003ca href=\"https://github.com/dolanmiu\"\u003e\u003ccode\u003e@​dolanmiu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3456\"\u003edolanmiu/docx#3456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript-eslint from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3455\"\u003edolanmiu/docx#3455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Upgrade node-version in GitHub Actions workflow by \u003ca href=\"https://github.com/dolanmiu\"\u003e\u003ccode\u003e@​dolanmiu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3457\"\u003edolanmiu/docx#3457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dolanmiu/docx/compare/9.7.0...9.7.1\"\u003ehttps://github.com/dolanmiu/docx/compare/9.7.0...9.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e9.7.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.56.1 to 8.57.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3388\"\u003edolanmiu/docx#3388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript-eslint from 8.56.1 to 8.57.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3389\"\u003edolanmiu/docx#3389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.3.5 to 25.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3390\"\u003edolanmiu/docx#3390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-jsdoc from 62.7.1 to 62.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3392\"\u003edolanmiu/docx#3392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump vite from 7.3.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3393\"\u003edolanmiu/docx#3393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.4.0 to 25.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3396\"\u003edolanmiu/docx#3396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump undici from 7.21.0 to 7.24.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3398\"\u003edolanmiu/docx#3398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump nanoid from 5.1.6 to 5.1.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3402\"\u003edolanmiu/docx#3402\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.3.0 to 13.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3401\"\u003edolanmiu/docx#3401\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 28.1.0 to 29.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3400\"\u003edolanmiu/docx#3400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.57.0 to 8.57.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3403\"\u003edolanmiu/docx#3403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump vite from 8.0.0 to 8.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3406\"\u003edolanmiu/docx#3406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 29.0.0 to 29.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3407\"\u003edolanmiu/docx#3407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump flatted from 3.3.3 to 3.4.2 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3408\"\u003edolanmiu/docx#3408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.57.0 to 8.57.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3404\"\u003edolanmiu/docx#3404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add track change support to images by \u003ca href=\"https://github.com/james-atticus\"\u003e\u003ccode\u003e@​james-atticus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3432\"\u003edolanmiu/docx#3432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use sequential filenames for embedded fonts by \u003ca href=\"https://github.com/ctjlewis\"\u003e\u003ccode\u003e@​ctjlewis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3428\"\u003edolanmiu/docx#3428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(numbering): levels can associate with paragraph style by \u003ca href=\"https://github.com/Alexnortung\"\u003e\u003ccode\u003e@​Alexnortung\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3430\"\u003edolanmiu/docx#3430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: make sure \u003ccode\u003ecode\u003c/code\u003e is being set for page size by \u003ca href=\"https://github.com/Alexnortung\"\u003e\u003ccode\u003e@​Alexnortung\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3427\"\u003edolanmiu/docx#3427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeature/comment replies and resolved state by \u003ca href=\"https://github.com/SerhiiShcheh\"\u003e\u003ccode\u003e@​SerhiiShcheh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3424\"\u003edolanmiu/docx#3424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(paragraph): add firstLineChars indent support by \u003ca href=\"https://github.com/hehecat\"\u003e\u003ccode\u003e@​hehecat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3420\"\u003edolanmiu/docx#3420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.57.1 to 8.57.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3416\"\u003edolanmiu/docx#3416\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/4934d310c724520ad9d3e7e6d5d47430664ea9f7\"\u003e\u003ccode\u003e4934d31\u003c/code\u003e\u003c/a\u003e chore: Upgrade node-version in GitHub Actions workflow (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3457\"\u003e#3457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/a17c867b1cebb527c0dc4d48fec0f0d7d3e03716\"\u003e\u003ccode\u003ea17c867\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript-eslint from 8.59.4 to 8.60.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/28ae793f5fb808ef90bf6d83a1e4f7e52d07cf3c\"\u003e\u003ccode\u003e28ae793\u003c/code\u003e\u003c/a\u003e Fix/bundle types issue (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3456\"\u003e#3456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/12347dd0dacec6bec5939d7c18f91fff9a232579\"\u003e\u003ccode\u003e12347dd\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.59.4 to 8.60.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3454\"\u003e#3454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/7797f50d41f7a6118db40d490ed4708b0beae0cc\"\u003e\u003ccode\u003e7797f50\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3450\"\u003e#3450\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/e61edc0c0432fe48c07006f851be84c970a74f71\"\u003e\u003ccode\u003ee61edc0\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typedoc from 0.28.18 to 0.28.19 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3452\"\u003e#3452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/0d185a10b81ff2aad6ecd64eaf003c59fe73d44e\"\u003e\u003ccode\u003e0d185a1\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump inquirer from 13.4.3 to 14.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3451\"\u003e#3451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/e757cff8f0604aceddc79194a77e239ec310573e\"\u003e\u003ccode\u003ee757cff\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump jsdom from 29.0.1 to 29.1.1 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3449\"\u003e#3449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/3958b5a71af153df1d752a4ecbb223f3857e70f0\"\u003e\u003ccode\u003e3958b5a\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3448\"\u003e#3448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/1be2d5196a09b508b49eeb6085ea22a50e341f5f\"\u003e\u003ccode\u003e1be2d51\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3447\"\u003e#3447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dolanmiu/docx/compare/9.6.1...9.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.3 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.3...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.16.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(site): Remove survey from site by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4417\"\u003elucide-icons/lucide#4417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eplay-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/Ahmed-Dghaies\"\u003e\u003ccode\u003e@​Ahmed-Dghaies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4412\"\u003elucide-icons/lucide#4412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(metadata): add missing use-cases prop on play-off.json by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4423\"\u003elucide-icons/lucide#4423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): force hide #bb-banner, if html.has-bb-banner is missing by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4422\"\u003elucide-icons/lucide#4422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): Remove \u003ccode\u003e@next\u003c/code\u003e from installation instructions for\u003ccode\u003e@lucide/svelte\u003c/code\u003e by \u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(packages/angular): add support for Angular v22 and onwards by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4450\"\u003elucide-icons/lucide#4450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): add check to skip release if latest tag was created today by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4085\"\u003elucide-icons/lucide#4085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ewebcam-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.6 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actio...\n\n_Description has been truncated_","html_url":"https://github.com/samifahad58/suhail/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/samifahad58%2Fsuhail/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4661389212","node_id":"PR_kwDOR_R5Lc7mWI4j","number":111,"state":"open","title":"build(deps): update dompurify requirement from ^3.3.1 to ^3.4.10 in /superset-frontend/plugins/legacy-preset-chart-nvd3","user":"dependabot[bot]","labels":["dependencies:npm","plugins"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T01:35:08.000Z","updated_at":"2026-06-15T01:35:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): update","packages":[{"name":"dompurify","old_version":"^3.3.1","new_version":"^3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","ecosystem":"npm"},"body":"Updates the requirements on [dompurify](https://github.com/cure53/DOMPurify) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/learningsam20/superset-custom/pull/111","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/learningsam20%2Fsuperset-custom/issues/111","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/111/packages"},{"uuid":"4661227380","node_id":"PR_kwDOSy_9u87mVprV","number":12,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:46:15.000Z","updated_at":"2026-06-15T00:46:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":7,"packages":[{"name":"dompurify","old_version":"3.4.5","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"marked","old_version":"18.0.4","new_version":"18.0.5","repository_url":"https://github.com/markedjs/marked"},{"name":"@tailwindcss/vite","old_version":"4.3.0","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"react-router-dom","old_version":"7.16.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@types/react","old_version":"19.2.16","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 6 updates in the /client directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.5` | `3.4.10` |\n| [marked](https://github.com/markedjs/marked) | `18.0.4` | `18.0.5` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.0` | `4.3.1` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.16.0` | `7.17.0` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.16` | `19.2.17` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n\n\nUpdates `dompurify` from 3.4.5 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.5...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `marked` from 18.0.4 to 18.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markedjs/marked/releases\"\u003emarked's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev18.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/markedjs/marked/compare/v18.0.4...v18.0.5\"\u003e18.0.5\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eparse empty list item with trailing space (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3984\"\u003e#3984\u003c/a\u003e) (\u003ca href=\"https://github.com/markedjs/marked/commit/b55410f846570a2dbdd1f1afe1d51c6a7dd2a188\"\u003eb55410f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/4063c638cb621c09091d41b26f323ff074416bb9\"\u003e\u003ccode\u003e4063c63\u003c/code\u003e\u003c/a\u003e chore(release): 18.0.5 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/b55410f846570a2dbdd1f1afe1d51c6a7dd2a188\"\u003e\u003ccode\u003eb55410f\u003c/code\u003e\u003c/a\u003e fix: parse empty list item with trailing space (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3984\"\u003e#3984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/c6e667bf2a58c312ea3a26818d92ea728739de99\"\u003e\u003ccode\u003ec6e667b\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump eslint from 10.4.0 to 10.4.1 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3986\"\u003e#3986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/95f98ec7b9635ad96504225585c4e7e77a30405e\"\u003e\u003ccode\u003e95f98ec\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e from 0.18.2 to 0.18.3 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3985\"\u003e#3985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/c1a86f00ccd81144422f1a4194756bd48111c531\"\u003e\u003ccode\u003ec1a86f0\u003c/code\u003e\u003c/a\u003e Add Node.js usage example to README (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3983\"\u003e#3983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/763f72903f032bca64bb5c3c0633276aa924df70\"\u003e\u003ccode\u003e763f729\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump marked-man from 2.1.0 to 2.1.1 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3978\"\u003e#3978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/2cf1fd04d9afa1081c5b836e2ca5b6b43ea0ee41\"\u003e\u003ccode\u003e2cf1fd0\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3977\"\u003e#3977\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/markedjs/marked/compare/v18.0.4...v18.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/vite` from 4.3.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003e@​tailwindcss/vite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/vite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/73983e1cf5bc0ae721f4568cc24a5b5067b6b90b\"\u003e\u003ccode\u003e73983e1\u003c/code\u003e\u003c/a\u003e Fix 'Sourcemap is likely to be incorrect' warnings when using `@tailwindcss/v...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router-dom` from 7.16.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md\"\u003ereact-router-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.17.0\"\u003e\u003ccode\u003ereact-router@7.17.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tailwindcss` from 4.3.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003etailwindcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003etailwindcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/12833aa4b3a8813fd32da74be7a2fd75aa706ab7\"\u003e\u003ccode\u003e12833aa\u003c/code\u003e\u003c/a\u003e Fix canonicalization bug where we end up with a high precision number (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/97a5b3abfb75ce9722266cd323a24eee057634fc\"\u003e\u003ccode\u003e97a5b3a\u003c/code\u003e\u003c/a\u003e docs: fix double word 'to to' in test comment (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20216\"\u003e#20216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d01e103cc4741c29764afaa287d2fb21356f7eea\"\u003e\u003ccode\u003ed01e103\u003c/code\u003e\u003c/a\u003e Add missing \u003ccode\u003einset\u003c/code\u003e keyword for \u003ccode\u003einset-shadow-none\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/ad6693906a321912c90fd13c4a92e2cb26660985\"\u003e\u003ccode\u003ead66939\u003c/code\u003e\u003c/a\u003e Allow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/efae52c3af50300d5066596a6acbaf87e68ef9e4\"\u003e\u003ccode\u003eefae52c\u003c/code\u003e\u003c/a\u003e Simplify CSS when using utilities that use a \u003ccode\u003e*-0\u003c/code\u003e or \u003ccode\u003e*-1\u003c/code\u003e value (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/6b43b6400a743a508afd712b50a73b2d3feb6444\"\u003e\u003ccode\u003e6b43b64\u003c/code\u003e\u003c/a\u003e Canonicalization: limit arbitrary to bare values conversion (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d4f24c5f161b553dd99aef294ef6635093d1c440\"\u003e\u003ccode\u003ed4f24c5\u003c/code\u003e\u003c/a\u003e Fix invalid canonicalization where \u003ccode\u003e0\\\u0026lt;unit\u0026gt;\u003c/code\u003e was migrated to \u003ccode\u003e0\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/749c45ef26735c59a446fc5e13e96359b68b9082\"\u003e\u003ccode\u003e749c45e\u003c/code\u003e\u003c/a\u003e Expose \u003ccode\u003eindex\u003c/code\u003e and \u003ccode\u003esiblings\u003c/code\u003e on walk context (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20109\"\u003e#20109\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7\"\u003e\u003ccode\u003e8dcdb66\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20095\"\u003e#20095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.16 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-refresh` from 0.5.2 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases\"\u003eeslint-plugin-react-refresh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md\"\u003eeslint-plugin-react-refresh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944\"\u003e\u003ccode\u003e00818e9\u003c/code\u003e\u003c/a\u003e v0.5.3 [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea\"\u003e\u003ccode\u003e202fc4a\u003c/code\u003e\u003c/a\u003e Fix PascalCase class exported via \u003ccode\u003eexport { Name }\u003c/code\u003e incorrectly treated as Re...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.5.2...v0.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ARCHITA-ROY/FitMart/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARCHITA-ROY%2FFitMart/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4661166175","node_id":"PR_kwDOScA0Sc7mVdZF","number":184,"state":"open","title":"build(deps): bump the production-dependencies group across 1 directory with 63 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:25:37.000Z","updated_at":"2026-06-15T00:25:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"production-dependencies","update_count":63,"packages":[{"name":"@hookform/resolvers","old_version":"3.9.0","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@radix-ui/react-accordion","old_version":"1.2.1","new_version":"1.2.13","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-alert-dialog","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-aspect-ratio","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-avatar","old_version":"1.1.1","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-checkbox","old_version":"1.1.2","new_version":"1.3.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-context-menu","old_version":"2.2.2","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dropdown-menu","old_version":"2.1.2","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-hover-card","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-label","old_version":"2.1.0","new_version":"2.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-menubar","old_version":"1.1.2","new_version":"1.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-navigation-menu","old_version":"1.2.1","new_version":"1.2.15","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popover","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-progress","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-radio-group","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-scroll-area","old_version":"1.2.0","new_version":"1.2.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-select","old_version":"2.1.2","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-separator","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slider","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slot","old_version":"1.1.0","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-switch","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tabs","old_version":"1.1.1","new_version":"1.1.14","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toast","old_version":"1.2.2","new_version":"1.2.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toggle","old_version":"1.1.0","new_version":"1.1.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toggle-group","old_version":"1.1.0","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tooltip","old_version":"1.1.4","new_version":"1.2.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@supabase/supabase-js","old_version":"2.58.0","new_version":"2.108.1","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@tanstack/react-query","old_version":"5.59.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tiptap/extension-color","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-highlight","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-horizontal-rule","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-mention","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-placeholder","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-cell","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-header","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-row","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-text-align","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-underline","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/react","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/starter-kit","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"cmdk","old_version":"1.0.0","new_version":"1.1.1","repository_url":"https://github.com/pacocoursey/cmdk"},{"name":"date-fns","old_version":"3.6.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"embla-carousel-react","old_version":"8.3.0","new_version":"8.6.0","repository_url":"https://github.com/davidjerleke/embla-carousel"},{"name":"input-otp","old_version":"1.2.4","new_version":"1.4.2","repository_url":"https://github.com/guilhermerodz/input-otp"},{"name":"lucide-react","old_version":"0.462.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next-themes","old_version":"0.3.0","new_version":"0.4.6","repository_url":"https://github.com/pacocoursey/next-themes"},{"name":"react","old_version":"18.3.1","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-day-picker","old_version":"8.10.1","new_version":"10.0.1","repository_url":"https://github.com/gpbl/react-day-picker"},{"name":"react-dom","old_version":"18.3.1","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-resizable-panels","old_version":"2.1.5","new_version":"4.11.2","repository_url":"https://github.com/bvaughn/react-resizable-panels"},{"name":"react-router-dom","old_version":"6.27.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"recharts","old_version":"2.13.0","new_version":"3.8.1","repository_url":"https://github.com/recharts/recharts"},{"name":"sonner","old_version":"1.5.0","new_version":"2.0.7","repository_url":"https://github.com/emilkowalski/sonner"},{"name":"tailwind-merge","old_version":"2.5.4","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"vaul","old_version":"0.9.9","new_version":"1.1.2","repository_url":"https://github.com/emilkowalski/vaul"},{"name":"zod","old_version":"3.23.8","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 58 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `3.9.0` | `5.4.0` |\n| [@radix-ui/react-accordion](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/accordion) | `1.2.1` | `1.2.13` |\n| [@radix-ui/react-alert-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-aspect-ratio](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/aspect-ratio) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-avatar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/avatar) | `1.1.1` | `1.1.12` |\n| [@radix-ui/react-checkbox](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox) | `1.1.2` | `1.3.4` |\n| [@radix-ui/react-context-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu) | `2.2.2` | `2.3.0` |\n| [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.2` | `2.1.17` |\n| [@radix-ui/react-hover-card](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-label](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label) | `2.1.0` | `2.1.9` |\n| [@radix-ui/react-menubar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar) | `1.1.2` | `1.1.17` |\n| [@radix-ui/react-navigation-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/navigation-menu) | `1.2.1` | `1.2.15` |\n| [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-progress](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-radio-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group) | `1.2.1` | `1.4.0` |\n| [@radix-ui/react-scroll-area](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area) | `1.2.0` | `1.2.11` |\n| [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.1.2` | `2.3.0` |\n| [@radix-ui/react-separator](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-slider](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slider) | `1.2.1` | `1.4.0` |\n| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.1.0` | `1.2.5` |\n| [@radix-ui/react-switch](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/switch) | `1.1.1` | `1.3.0` |\n| [@radix-ui/react-tabs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tabs) | `1.1.1` | `1.1.14` |\n| [@radix-ui/react-toast](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toast) | `1.2.2` | `1.2.16` |\n| [@radix-ui/react-toggle](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle) | `1.1.0` | `1.1.11` |\n| [@radix-ui/react-toggle-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle-group) | `1.1.0` | `1.1.12` |\n| [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.1.4` | `1.2.9` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.58.0` | `2.108.1` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.59.16` | `5.101.0` |\n| [@tiptap/extension-color](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-color) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-highlight](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-highlight) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-horizontal-rule](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-horizontal-rule) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-mention](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-mention) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-placeholder](https://github.com/ueberdosis/tiptap/tree/HEAD/packages-deprecated/extension-placeholder) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-cell](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-cell) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-header](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-header) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-row](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-row) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-text-align](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-text-align) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-underline](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-underline) | `3.19.0` | `3.26.1` |\n| [@tiptap/react](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/react) | `3.19.0` | `3.26.1` |\n| [@tiptap/starter-kit](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/starter-kit) | `3.19.0` | `3.26.1` |\n| [cmdk](https://github.com/pacocoursey/cmdk/tree/HEAD/cmdk) | `1.0.0` | `1.1.1` |\n| [date-fns](https://github.com/date-fns/date-fns) | `3.6.0` | `4.4.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [embla-carousel-react](https://github.com/davidjerleke/embla-carousel) | `8.3.0` | `8.6.0` |\n| [input-otp](https://github.com/guilhermerodz/input-otp/tree/HEAD/packages/input-otp) | `1.2.4` | `1.4.2` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.462.0` | `1.18.0` |\n| [next-themes](https://github.com/pacocoursey/next-themes) | `0.3.0` | `0.4.6` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.7` |\n| [react-day-picker](https://github.com/gpbl/react-day-picker/tree/HEAD/packages/react-day-picker) | `8.10.1` | `10.0.1` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.7` |\n| [react-resizable-panels](https://github.com/bvaughn/react-resizable-panels) | `2.1.5` | `4.11.2` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.27.0` | `7.17.0` |\n| [recharts](https://github.com/recharts/recharts) | `2.13.0` | `3.8.1` |\n| [sonner](https://github.com/emilkowalski/sonner) | `1.5.0` | `2.0.7` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `2.5.4` | `3.6.0` |\n| [vaul](https://github.com/emilkowalski/vaul) | `0.9.9` | `1.1.2` |\n| [zod](https://github.com/colinhacks/zod) | `3.23.8` | `4.4.3` |\n\n\nUpdates `@hookform/resolvers` from 3.9.0 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-09-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/e95721d3c8c6d6e555508b0e7b21c6ac801360cf\"\u003ee95721d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.0...v5.2.1\"\u003e5.2.1\u003c/a\u003e (2025-07-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ediscriminated union for zod v4 mini (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/49a0d7ba939f58e04ca2d01a98949fc70f50b53e\"\u003e49a0d7b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ezod v4 peer deps (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2d28e6aca611b042e07da0ae4cf448adbe78e1f3\"\u003e2d28e6a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/801\"\u003e#801\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/bc09647a5eec21d07097a8ccf89fb52ebf50a1ec\"\u003ebc09647\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.1.1...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2025-07-25)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eajv:\u003c/strong\u003e add ajv-formats for ajvResolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/797\"\u003e#797\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/f04003972a3cc7875beb073ff88c942deb6a2086\"\u003ef040039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ezod peer dep issue (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/79cd8b284da29a5a42cd5fdafa2e767747fcfcf7\"\u003e79cd8b2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2025-06-07)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/e95721d3c8c6d6e555508b0e7b21c6ac801360cf\"\u003e\u003ccode\u003ee95721d\u003c/code\u003e\u003c/a\u003e fix(zod): fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/49a0d7ba939f58e04ca2d01a98949fc70f50b53e\"\u003e\u003ccode\u003e49a0d7b\u003c/code\u003e\u003c/a\u003e fix: discriminated union for zod v4 mini (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v3.9.0...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-accordion` from 1.2.1 to 1.2.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/accordion/CHANGELOG.md\"\u003e@​radix-ui/react-accordion's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/accordion\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-accordion\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-alert-dialog` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/alert-dialog/CHANGELOG.md\"\u003e@​radix-ui/react-alert-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/alert-dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-alert-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-aspect-ratio` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/aspect-ratio/CHANGELOG.md\"\u003e@​radix-ui/react-aspect-ratio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/aspect-ratio/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/aspect-ratio\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-aspect-ratio\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-avatar` from 1.1.1 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/avatar/CHANGELOG.md\"\u003e@​radix-ui/react-avatar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/avatar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-avatar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-checkbox` from 1.1.2 to 1.3.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/checkbox/CHANGELOG.md\"\u003e@​radix-ui/react-checkbox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix type error emitted in build artifacts\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd unstable \u003ccode\u003eProvider\u003c/code\u003e, \u003ccode\u003eTrigger\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Checkbox (\u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3459\"\u003e#3459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/checkbox\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-checkbox\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-collapsible` from 1.1.1 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/collapsible/CHANGELOG.md\"\u003e@​radix-ui/react-collapsible's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/collapsible\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-collapsible\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-context-menu` from 2.2.2 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/context-menu/CHANGELOG.md\"\u003e@​radix-ui/react-context-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for a controlled \u003ccode\u003eopen\u003c/code\u003e prop on \u003ccode\u003eContextMenu.Root\u003c/code\u003e. This is intended for reading the open state and closing the menu programmatically, though we discourage opening the menu programmatically since opening the menu depends on user interaction to position the menu.\u003c/li\u003e\n\u003cli\u003eFixed bug in context menu where submenus stayed expanded after re-opening on long-press touch events\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/context-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-context-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dialog` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md\"\u003e@​radix-ui/react-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed disabled pointer events in closed dialogs\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dropdown-menu` from 2.1.2 to 2.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md\"\u003e@​radix-ui/react-dropdown-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dropdown-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-hover-card` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/hover-card/CHANGELOG.md\"\u003e@​radix-ui/react-hover-card's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/hover-card\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-hover-card\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-label` from 2.1.0 to 2.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/label/CHANGELOG.md\"\u003e@​radix-ui/react-label's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/label\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-label\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-menubar` from 1.1.2 to 1.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/menubar/CHANGELOG.md\"\u003e@​radix-ui/react-menubar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/menubar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-menubar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-navigation-menu` from 1.2.1 to 1.2.15\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/navigation-menu/CHANGELOG.md\"\u003e@​radix-ui/react-navigation-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/navigation-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-navigation-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-popover` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md\"\u003e@​radix-ui/react-popover's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-popover\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-progress` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/progress/CHANGELOG.md\"\u003e@​radix-ui/react-progress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/progress\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-progress\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-radio-group` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/radio-group/CHANGELOG.md\"\u003e@​radix-ui/react-radio-group's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eRadioGroupItemProvider\u003c/code\u003e, \u003ccode\u003eRadioGroupItemTrigger\u003c/code\u003e and \u003ccode\u003eRadioGroupItemBubbleInput\u003c/code\u003e parts. These expose the previously internal composition of a radio item (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The \u003ccode\u003eRadioGroupItem\u003c/code\u003e component continues to render them by default.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllow passing value of \u003ccode\u003enull\u003c/code\u003e to controlled Radio Group when all items are unchecked\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/radio-group\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-radio-group\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-scroll-area` from 1.2.0 to 1.2.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/scroll-area/CHANGELOG.md\"\u003e@​radix-ui/react-scroll-area's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003edata-state\u003c/code\u003e attribute for Scroll Area scrollbars\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/scroll-area\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-scroll-area\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-select` from 2.1.2 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md\"\u003e@​radix-ui/react-select's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Select. \u003ccode\u003eSelect.unstable_Provider\u003c/code\u003e sets up Select's context and state without implicitly rendering the hidden native \u003ccode\u003eselect\u003c/code\u003e, and \u003ccode\u003eSelect.unstable_BubbleInput\u003c/code\u003e exposes that previously internal native \u003ccode\u003eselect\u003c/code\u003e so consumers can recompose it explicitly. \u003ccode\u003eSelect\u003c/code\u003e continues to render both by default.\u003c/li\u003e\n\u003cli\u003eAdded support for presence-based exit animations in Select\u003c/li\u003e\n\u003cli\u003eFixed Select hidden input so it submits empty string when no value is selected\u003c/li\u003e\n\u003cli\u003eFixed placeholder rendering when a controlled Select is reset to an empty value\u003c/li\u003e\n\u003cli\u003eAdded missing \u003ccode\u003e__selectScope\u003c/code\u003e prop to \u003ccode\u003ePopperContent\u003c/code\u003e component\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelect\u003c/code\u003e closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelectValue\u003c/code\u003e logging invalid prop errors when used with both \u003ccode\u003easChild\u003c/code\u003e and a placeholder\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-select\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-separator` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/separator/CHANGELOG.md\"\u003e@​radix-ui/react-separator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/separator\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-separator\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-slider` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/slider/CHANGELOG.md\"\u003e@​radix-ui/react-slider's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eThumbProvider\u003c/code\u003e, \u003ccode\u003eThumbTrigger\u003c/code\u003e, and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Slider. \u003ccode\u003eSliderThumb\u003c/code\u003e was previously a single component that implicitly rendered a hidden native input for form submission. It is now composed from these new parts, which are exposed so consumers can decouple the bubble input from the thumb (for example, to render or customize it independently) instead of relying on \u003ccode\u003eSliderThumb\u003c/code\u003e to render it implicitly. \u003ccode\u003eSliderThumb\u003c/code\u003e continues to render all three by default, so existing usage is unaffected.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003efocusVisible\u003c/code\u003e for non-keyboard interactions with slider thumbs for progressively enabling styles using \u003ccode\u003e:focus-visible\u003c/code\u003e alongside programmatic focus management\u003c/li\u003e\n\u003cli\u003eFixed Slider focus bugs in scrollable context\u003c/li\u003e\n\u003cli\u003eFixed a Slider bug where very small \u003ccode\u003estep\u003c/code\u003e values made the thumbs unresponsive\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slider/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/l...\n\n_Description has been truncated_","html_url":"https://github.com/yuna01066/acbanksysver2/pull/184","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yuna01066%2Facbanksysver2/issues/184","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/184/packages"}],"issue_packages":[{"old_version":"3.4.8","new_version":"3.4.9","update_type":"patch","path":null,"pr_created_at":"2026-06-16T08:56:48.000Z","version_change":"3.4.8 → 3.4.9","issue":{"uuid":"4672641961","node_id":"PR_kwDOSnpDf87m7EVi","number":105,"state":"open","title":"chore(deps): Bump dompurify from 3.4.8 to 3.4.9","user":"dependabot[bot]","labels":["area/ci","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T08:56:48.000Z","updated_at":"2026-06-16T08:57:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/OpenLatch/saferskills/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/OpenLatch/saferskills/pull/105","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenLatch%2Fsaferskills/issues/105","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/105/packages"}},{"old_version":"3.4.8","new_version":"3.4.9","update_type":"patch","path":null,"pr_created_at":"2026-06-16T06:46:17.000Z","version_change":"3.4.8 → 3.4.9","issue":{"uuid":"4671758737","node_id":"PR_kwDOABZUws7m4LhF","number":5634,"state":"open","title":"Bump dompurify from 3.4.8 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T06:46:17.000Z","updated_at":"2026-06-16T06:46:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xwiki/xwiki-platform/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/xwiki/xwiki-platform/pull/5634","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xwiki%2Fxwiki-platform/issues/5634","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5634/packages"}},{"old_version":"3.4.0","new_version":"3.4.9","update_type":"patch","path":null,"pr_created_at":"2026-06-16T06:30:11.000Z","version_change":"3.4.0 → 3.4.9","issue":{"uuid":"4671670095","node_id":"PR_kwDOH9by-c7m35aZ","number":1087,"state":"open","title":"deps: bump dompurify from 3.4.0 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T06:30:11.000Z","updated_at":"2026-06-16T06:37:03.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps","packages":[{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.0 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.0\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/City-of-Helsinki/events-helsinki-monorepo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/City-of-Helsinki/events-helsinki-monorepo/pull/1087","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/City-of-Helsinki%2Fevents-helsinki-monorepo/issues/1087","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1087/packages"}},{"old_version":"2.4.7","new_version":"3.4.10","update_type":"major","path":"/packages/gpt-gateway-admin","pr_created_at":"2026-06-16T05:34:53.000Z","version_change":"2.4.7 → 3.4.10","issue":{"uuid":"4671373272","node_id":"PR_kwDOD6r2i87m29lb","number":9936,"state":"open","title":"chore(deps): bump dompurify and react-admin in /packages/gpt-gateway-admin","user":"dependabot[bot]","labels":["javascript","app:gpt-gateway-admin","dependencies","lib:gpt-gateway-admin"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T05:34:53.000Z","updated_at":"2026-06-16T05:39:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","repository_url":"https://github.com/cure53/DOMPurify","old_version":"2.4.7","new_version":"3.4.10"},{"name":"react-admin","repository_url":"https://github.com/marmelab/react-admin","old_version":"3.19.12","new_version":"5.14.7"}],"path":"/packages/gpt-gateway-admin","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) to 3.4.10 and updates ancestor dependency [react-admin](https://github.com/marmelab/react-admin). These dependencies need to be updated together.\n\nUpdates `dompurify` from 2.4.7 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/2.4.7...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-admin` from 3.19.12 to 5.14.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/releases\"\u003ereact-admin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.14.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eAutocompleteInput\u003c/code\u003e does not open autocomplete options when \u003ccode\u003eshouldRenderSuggestions\u003c/code\u003e returns false (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11263\"\u003e#11263\u003c/a\u003e) (\u003ca href=\"https://github.com/jonathanarnault\"\u003ejonathanarnault\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Fix typos in the \u003ccode\u003eRichTextInput\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11250\"\u003e#11250\u003c/a\u003e) (\u003ca href=\"https://github.com/fengfeng-zi\"\u003efengfeng-zi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[TypeScript] Fix \u003ccode\u003eArrayField\u003c/code\u003e doesn't accept a label prop (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11264\"\u003e#11264\u003c/a\u003e) (\u003ca href=\"https://github.com/fzaninotto\"\u003efzaninotto\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Chore] Add tests to cover \u003ccode\u003eList\u003c/code\u003e empty state with permanent filters (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11235\"\u003e#11235\u003c/a\u003e) (\u003ca href=\"https://github.com/terminalchai\"\u003eterminalchai\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.4 to 5.8.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11260\"\u003e#11260\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump systeminformation from 5.31.1 to 5.31.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11258\"\u003e#11258\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e from 7.29.0 to 7.29.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11256\"\u003e#11256\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11255\"\u003e#11255\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.14 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11253\"\u003e#11253\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.15.0 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11252\"\u003e#11252\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11251\"\u003e#11251\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump dompurify from 3.3.2 to 3.4.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11245\"\u003e#11245\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix possible prototype-polluting assignments in local data providers (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11227\"\u003e#11227\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix duplicate IDs in \u003ccode\u003e\u0026lt;FieldToggle\u0026gt;\u003c/code\u003e when multiple column pickers are present (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11238\"\u003e#11238\u003c/a\u003e) (\u003ca href=\"https://github.com/Yashrajsingh2001\"\u003eYashrajsingh2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incomplete string escaping  in \u003ccode\u003eescapePath\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11226\"\u003e#11226\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e to avoid ReDoS in source detection (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11224\"\u003e#11224\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;RichTextField\u0026gt;\u003c/code\u003e tag-stripping feature is polynomial and does not strip unfinished tags (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11225\"\u003e#11225\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;ArrayInput\u0026gt;\u003c/code\u003e shows validation error on mount when \u003ccode\u003emode=\u0026quot;onChange\u0026quot;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11195\"\u003e#11195\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11240\"\u003e#11240\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.13.6 to 1.15.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11237\"\u003e#11237\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11234\"\u003e#11234\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump defu from 6.1.4 to 6.1.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11230\"\u003e#11230\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11229\"\u003e#11229\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash-es from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11228\"\u003e#11228\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Restrict test workflow token permissions (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11223\"\u003e#11223\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ArrayFieldBase component (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11191\"\u003e#11191\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] Prevent stale nested field values when re-adding items in SimpleFormIterator (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11201\"\u003e#11201\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseCreate\u003c/code\u003e fails to update the cache when \u003ccode\u003eid\u003c/code\u003e equals 0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11199\"\u003e#11199\u003c/a\u003e) (\u003ca href=\"https://github.com/ThieryMichel\"\u003eThieryMichel\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mutation hooks types (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11024\"\u003e#11024\u003c/a\u003e) (\u003ca href=\"https://github.com/djhi\"\u003edjhi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Add ArrayFieldBase headless documentation (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11192\"\u003e#11192\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Fix headless docs build (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11188\"\u003e#11188\u003c/a\u003e) (\u003ca href=\"https://github.com/slax57\"\u003eslax57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 0.1.12 to 0.1.13 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11210\"\u003e#11210\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11206\"\u003e#11206\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump astro from 5.15.9 to 5.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11205\"\u003e#11205\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11203\"\u003e#11203\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump smol-toml from 1.5.2 to 1.6.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11202\"\u003e#11202\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11197\"\u003e#11197\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.8 to 1.15.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11196\"\u003e#11196\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.5 to 1.15.8 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11194\"\u003e#11194\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.3 to 5.6.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11189\"\u003e#11189\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix tar security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11215\"\u003e#11215\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown-it security alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11214\"\u003e#11214\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix minimatch security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11213\"\u003e#11213\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix ejs dependabot alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11211\"\u003e#11211\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix picomatch dependabot alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11212\"\u003e#11212\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/blob/master/CHANGELOG.md\"\u003ereact-admin's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.14.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eAutocompleteInput\u003c/code\u003e does not open autocomplete options when \u003ccode\u003eshouldRenderSuggestions\u003c/code\u003e returns false (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11263\"\u003e#11263\u003c/a\u003e) (\u003ca href=\"https://github.com/jonathanarnault\"\u003ejonathanarnault\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Fix typos in the \u003ccode\u003eRichTextInput\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11250\"\u003e#11250\u003c/a\u003e) (\u003ca href=\"https://github.com/fengfeng-zi\"\u003efengfeng-zi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[TypeScript] Fix \u003ccode\u003eArrayField\u003c/code\u003e doesn't accept a label prop (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11264\"\u003e#11264\u003c/a\u003e) (\u003ca href=\"https://github.com/fzaninotto\"\u003efzaninotto\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Chore] Add tests to cover \u003ccode\u003eList\u003c/code\u003e empty state with permanent filters (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11235\"\u003e#11235\u003c/a\u003e) (\u003ca href=\"https://github.com/terminalchai\"\u003eterminalchai\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.4 to 5.8.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11260\"\u003e#11260\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump systeminformation from 5.31.1 to 5.31.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11258\"\u003e#11258\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e from 7.29.0 to 7.29.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11256\"\u003e#11256\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11255\"\u003e#11255\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.14 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11253\"\u003e#11253\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.15.0 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11252\"\u003e#11252\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11251\"\u003e#11251\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump dompurify from 3.3.2 to 3.4.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11245\"\u003e#11245\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix possible prototype-polluting assignments in local data providers (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11227\"\u003e#11227\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix duplicate IDs in \u003ccode\u003e\u0026lt;FieldToggle\u0026gt;\u003c/code\u003e when multiple column pickers are present (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11238\"\u003e#11238\u003c/a\u003e) (\u003ca href=\"https://github.com/Yashrajsingh2001\"\u003eYashrajsingh2001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incomplete string escaping  in \u003ccode\u003eescapePath\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11226\"\u003e#11226\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e to avoid ReDoS in source detection (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11224\"\u003e#11224\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;RichTextField\u0026gt;\u003c/code\u003e tag-stripping feature is polynomial and does not strip unfinished tags (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11225\"\u003e#11225\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e\u0026lt;ArrayInput\u0026gt;\u003c/code\u003e shows validation error on mount when \u003ccode\u003emode=\u0026quot;onChange\u0026quot;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11195\"\u003e#11195\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11240\"\u003e#11240\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump axios from 1.13.6 to 1.15.0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11237\"\u003e#11237\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11234\"\u003e#11234\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump defu from 6.1.4 to 6.1.6 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11230\"\u003e#11230\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11229\"\u003e#11229\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump lodash-es from 4.17.23 to 4.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11228\"\u003e#11228\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Restrict test workflow token permissions (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11223\"\u003e#11223\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.14.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ArrayFieldBase component (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11191\"\u003e#11191\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] Prevent stale nested field values when re-adding items in SimpleFormIterator (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11201\"\u003e#11201\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseCreate\u003c/code\u003e fails to update the cache when \u003ccode\u003eid\u003c/code\u003e equals 0 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11199\"\u003e#11199\u003c/a\u003e) (\u003ca href=\"https://github.com/ThieryMichel\"\u003eThieryMichel\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mutation hooks types (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11024\"\u003e#11024\u003c/a\u003e) (\u003ca href=\"https://github.com/djhi\"\u003edjhi\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Doc] Add ArrayFieldBase headless documentation (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11192\"\u003e#11192\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[chore] Fix headless docs build (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11188\"\u003e#11188\u003c/a\u003e) (\u003ca href=\"https://github.com/slax57\"\u003eslax57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 0.1.12 to 0.1.13 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11210\"\u003e#11210\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11206\"\u003e#11206\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump astro from 5.15.9 to 5.18.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11205\"\u003e#11205\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11203\"\u003e#11203\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump smol-toml from 1.5.2 to 1.6.1 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11202\"\u003e#11202\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11197\"\u003e#11197\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.8 to 1.15.9 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11196\"\u003e#11196\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump h3 from 1.15.5 to 1.15.8 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11194\"\u003e#11194\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump devalue from 5.6.3 to 5.6.4 (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11189\"\u003e#11189\u003c/a\u003e) (\u003ca href=\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix tar security alerts (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11215\"\u003e#11215\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown-it security alert (\u003ca href=\"https://redirect.github.com/marmelab/react-admin/pull/11214\"\u003e#11214\u003c/a\u003e) (\u003ca href=\"https://github.com/WiXSL\"\u003eWiXSL\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eUpgrade guide\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/Upgrade.md\"\u003ereact-admin's upgrade guide\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003chr /\u003e\n\u003ch2\u003elayout: default\ntitle: \u0026quot;Upgrading to v5\u0026quot;\u003c/h2\u003e\n\u003ch1\u003eUpgrading to v5\u003c/h1\u003e\n\u003cp\u003eReact-admin v5 mostly focuses on removing deprecated features and upgrading dependencies. This makes the upgrade process easier than previous versions. However, there are still some breaking changes you should be aware of.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ie11-is-no-longer-supported\"\u003eIE11 Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#dependencies\"\u003eDependencies\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#react-18\"\u003eReact 18\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#use-tanstackreact-query-instead-of-react-query\"\u003eUse @​tanstack/react-query instead of react-query\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#minor-dependencies\"\u003eMinor Dependencies\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ui-changes\"\u003eUI Changes\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#inputs-have-full-width-by-default\"\u003eInputs Have Full Width By Default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#links-are-now-underlined-by-default\"\u003eLinks are now underlined by default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#dark-theme-is-available-by-default\"\u003eDark Theme Is Available By Default\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#data-provider\"\u003eData Provider\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#ra-data-graphql-and-ra-data-graphql-simple-no-longer-return-a-promise\"\u003e\u003ccode\u003era-data-graphql\u003c/code\u003e And \u003ccode\u003era-data-graphql-simple\u003c/code\u003e No Longer Return A Promise\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#application-root--layout\"\u003eApplication Root \u0026amp; Layout\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#admin-menu-is-no-longer-supported\"\u003e\u003ccode\u003e\u0026lt;Admin menu\u0026gt;\u003c/code\u003e Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#admin-history-prop-was-removed\"\u003e\u003ccode\u003e\u0026lt;Admin history\u0026gt;\u003c/code\u003e Prop Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#historyrouter-was-removed\"\u003e\u003ccode\u003e\u0026lt;HistoryRouter\u0026gt;\u003c/code\u003e Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-layout-no-longer-receives-props\"\u003eCustom Layout No Longer Receives Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-app-bars-no-longer-receive-props\"\u003eCustom App Bars No Longer Receive Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-menu-no-longer-receive-props\"\u003eCustom Menu No Longer Receive Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-error-page-no-longer-receives-title\"\u003eCustom Error Page No Longer Receives Title\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-catch-all-no-longer-receives-title\"\u003eCustom Catch All No Longer Receives Title\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-components\"\u003eList Components\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-components-can-no-longer-be-used-in-standalone\"\u003eList Components Can No Longer Be Used In Standalone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#list-hascreate-is-no-longer-supported\"\u003e\u003ccode\u003e\u0026lt;List hasCreate\u0026gt;\u003c/code\u003e Is No Longer Supported\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-rowclick-is-no-longer-false-by-default\"\u003e\u003ccode\u003e\u0026lt;Datagrid rowClick\u0026gt;\u003c/code\u003e is no longer false by default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-expand-components-no-longer-receive-any-props\"\u003e\u003ccode\u003e\u0026lt;Datagrid expand\u0026gt;\u003c/code\u003e Components No Longer Receive Any Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagrid-in-standalone-requires-a-resource-prop\"\u003e\u003ccode\u003e\u0026lt;Datagrid\u0026gt;\u003c/code\u003e In Standalone Requires a \u003ccode\u003eresource\u003c/code\u003e Prop\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#setfilters-is-no-longer-debounced-by-default\"\u003esetFilters Is No Longer Debounced By Default\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#updates-to-bulkactionbuttons-syntax\"\u003eUpdates to bulkActionButtons Syntax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#paginationlimit-component-was-removed\"\u003e\u003ccode\u003e\u0026lt;PaginationLimit\u0026gt;\u003c/code\u003e Component Was Removed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#datagridbody-no-longer-provides-record-prop-to-datagridrow\"\u003e\u003ccode\u003e\u0026lt;DatagridBody\u0026gt;\u003c/code\u003e No Longer Provides record Prop To \u003ccode\u003e\u0026lt;DatagridRow\u0026gt;\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#userecordselection-props-have-changed\"\u003e\u003ccode\u003euseRecordSelection\u003c/code\u003e Props have changed\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#show-and-edit-pages\"\u003eShow and Edit Pages\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#custom-edit-or-show-actions-no-longer-receive-any-props\"\u003eCustom Edit or Show Actions No Longer Receive Any Props\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#inputs-default-ids-are-auto-generated\"\u003eInputs default ids are auto-generated\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#simpleformiterator-no-longer-clones-its-buttons\"\u003e\u003ccode\u003e\u0026lt;SimpleFormIterator\u0026gt;\u003c/code\u003e No Longer Clones Its Buttons\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#simpleformiterator-no-longer-clones-its-children\"\u003e\u003ccode\u003e\u0026lt;SimpleFormIterator\u0026gt;\u003c/code\u003e no longer clones its children\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#formdataconsumer-no-longer-passes-a-getsource-function\"\u003e\u003ccode\u003e\u0026lt;FormDataConsumer\u0026gt;\u003c/code\u003e no longer passes a getSource function\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#mutation-middlewares-no-longer-receive-the-mutation-options\"\u003eMutation Middlewares No Longer Receive The Mutation Options\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#warnwhenunsavedchanges-changes\"\u003e\u003ccode\u003ewarnWhenUnsavedChanges\u003c/code\u003e Changes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#global-server-side-validation-error-message-must-be-passed-via-the-rootservererror-key\"\u003eGlobal Server Side Validation Error Message Must Be Passed Via The \u003ccode\u003eroot.serverError\u003c/code\u003e Key\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/blob/master/docs/#input-components\"\u003eInput Components\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/93ff911afc5415e5e196baf5591380c322253708\"\u003e\u003ccode\u003e93ff911\u003c/code\u003e\u003c/a\u003e Update changelog for version 5.14.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/898d81bb6adcf1a424f8ad918e67a7d188f39236\"\u003e\u003ccode\u003e898d81b\u003c/code\u003e\u003c/a\u003e v5.14.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/6e0c663e5654c9d7b5c08fca01b4de6ce537a1be\"\u003e\u003ccode\u003e6e0c663\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11263\"\u003e#11263\u003c/a\u003e from marmelab/fix/3166-autocomplete-suggestions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/cb320e2bb817c11d617622c2a19f0c8ad83494bc\"\u003e\u003ccode\u003ecb320e2\u003c/code\u003e\u003c/a\u003e Apply review\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/588e54f25254adc0f8263bfd98511ce4732083b5\"\u003e\u003ccode\u003e588e54f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11258\"\u003e#11258\u003c/a\u003e from marmelab/dependabot/npm_and_yarn/systeminforma...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/b197442116e45b283a67d7631c137a2f2284e4cb\"\u003e\u003ccode\u003eb197442\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11264\"\u003e#11264\u003c/a\u003e from marmelab/fix-array-field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/26471199eb7134485a0f10f2406f8dcb9c7ac322\"\u003e\u003ccode\u003e2647119\u003c/code\u003e\u003c/a\u003e [typeScript] Fix ArrayField doesn't accept a label prop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/9be13cbe0bbf68ee0a8f0a087be204500a2bd910\"\u003e\u003ccode\u003e9be13cb\u003c/code\u003e\u003c/a\u003e Fix(AutocompleteInput): do not open autocomplete options when shouldRenderSug...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/ba76aad10d9d5d14fb734546656e7cfc70a94c31\"\u003e\u003ccode\u003eba76aad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/marmelab/react-admin/issues/11260\"\u003e#11260\u003c/a\u003e from marmelab/dependabot/npm_and_yarn/devalue-5.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marmelab/react-admin/commit/c94506e05368ab37a1e76438e2a1da3c25a00e7e\"\u003e\u003ccode\u003ec94506e\u003c/code\u003e\u003c/a\u003e Bump devalue from 5.6.4 to 5.8.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/marmelab/react-admin/compare/v3.19.12...v5.14.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/amplication/amplication/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/amplication/amplication/pull/9936","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/amplication%2Famplication/issues/9936","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9936/packages"}},{"old_version":"3.4.0","new_version":"3.4.10","update_type":"patch","path":null,"pr_created_at":"2026-06-16T04:18:14.000Z","version_change":"3.4.0 → 3.4.10","issue":{"uuid":"4671017587","node_id":"PR_kwDOPIYMXs7m10pF","number":760,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-16T04:18:14.000Z","updated_at":"2026-06-16T04:18:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"vite","old_version":"7.3.2","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"},{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"form-data","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"form-data","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/form-data/form-data"},{"name":"nodemailer","old_version":"8.0.5","new_version":"8.0.9","repository_url":"https://github.com/nodemailer/nodemailer"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the /DevElevate/Client directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [dompurify](https://github.com/cure53/DOMPurify), [form-data](https://github.com/form-data/form-data) and [js-yaml](https://github.com/nodeca/js-yaml).\nBumps the npm_and_yarn group with 2 updates in the /DevElevate/Server directory: [form-data](https://github.com/form-data/form-data) and [nodemailer](https://github.com/nodemailer/nodemailer).\n\nUpdates `vite` from 7.3.2 to 8.0.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.14/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.13/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.12/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.11/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.10/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.9/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.8/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ecreate-vite@8.0.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.3/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ecreate-vite@8.0.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.2/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.15...v8.0.16\"\u003e8.0.16\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e50b9512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003edc245c7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.14...v8.0.15\"\u003e8.0.15\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esend 408 on request timeout (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22476\"\u003e#22476\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c85c9eeb9aaf41f477b48b057146887bd5620797\"\u003ec85c9ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22538\"\u003e#22538\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e646dbed\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecapitalize error messages and remove spurious space in parse error (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22488\"\u003e#22488\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e85a0eff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22511\"\u003e#22511\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e2686d7d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e fix html-proxy cache key mismatch for /@fs/ HTML paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21762\"\u003e#21762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/47c4213f134f562c41ed7c031e4788510cf7e31e\"\u003e47c4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e error on relative glob in virtual module when no files match (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22497\"\u003e#22497\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5c8e98f8b584ac5d42f0f9b8580c49792213b13c\"\u003e5c8e98f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e close the rolldown bundle when write() rejects (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22528\"\u003e#22528\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003ee3cfb9d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eresolve:\u003c/strong\u003e provide onWarn for viteResolvePlugin in JS plugin containers (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22509\"\u003e#22509\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/40985f1c09b7696e594e6c5695fbc315d2da2c83\"\u003e40985f1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22566\"\u003e#22566\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e3052a67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecorrect logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22562\"\u003e#22562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e6978a9c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.13...v8.0.14\"\u003e8.0.14\u003c/a\u003e (2026-05-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate rolldown to 1.0.2 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22484\"\u003e#22484\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/96efc88570b6a6ddf1a910f106920cbac07b3cf0\"\u003e96efc88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22471\"\u003e#22471\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/98b81632139d51820f82036e58d6fbbf122b77b3\"\u003e98b8163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e handle errors when sending messages to vite server (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22450\"\u003e#22450\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e8e9a34dcf2540139de558a10187630884d10217\"\u003ee8e9a34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehtml:\u003c/strong\u003e handle trailing slash paths in transformIndexHtml (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22480\"\u003e#22480\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5d94d1bffdb2a15de9341194d89baec86ce1f693\"\u003e5d94d1b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoptimizer:\u003c/strong\u003e pass oxc jsx options to transformSync in dependency scan                                                            (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22342\"\u003e#22342\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b3132dacea9c6e0cf526cd9f0f09d850f577c262\"\u003eb3132da\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22470\"\u003e#22470\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7cb728eb629cc677661f1bc52a044ffc0b87fc7f\"\u003e7cb728e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove irrelevant commits from changelog (\u003ca href=\"https://github.com/vitejs/vite/commit/2c69495f250edf01132d4a20128de19dbe836086\"\u003e2c69495\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eglob:\u003c/strong\u003e do not rewrite import path for absolute base (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22310\"\u003e#22310\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ae2844ab6d6d1ccf78a2975b8132769fc35b302\"\u003e0ae2844\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f94df87ff03b40b65e29bacdc04cc18c7bccaa4a\"\u003e\u003ccode\u003ef94df87\u003c/code\u003e\u003c/a\u003e release: v8.0.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/dc245c71e5007ea4d891a025e2d69ac96c736546\"\u003e\u003ccode\u003edc245c7\u003c/code\u003e\u003c/a\u003e fix: reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/50b951225bbf6151eb84a3ad5a454908ab4a76c9\"\u003e\u003ccode\u003e50b9512\u003c/code\u003e\u003c/a\u003e fix(deps): reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8d1b0195fd186d0b3297d7cd17acff6c96797420\"\u003e\u003ccode\u003e8d1b019\u003c/code\u003e\u003c/a\u003e release: v8.0.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/2686d7d0b722402204d3bcc687a87adea1bcf9fa\"\u003e\u003ccode\u003e2686d7d\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22511\"\u003e#22511\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3052a67d9350f4c5076ab1c222c4a21a589cbcdd\"\u003e\u003ccode\u003e3052a67\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22566\"\u003e#22566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/e3cfb9deecff563550fa1b8abd27656b8b292815\"\u003e\u003ccode\u003ee3cfb9d\u003c/code\u003e\u003c/a\u003e fix(optimizer): close the rolldown bundle when write() rejects (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22528\"\u003e#22528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6978a9ceb942c4f5e211d52b8a1e569f8a65c80c\"\u003e\u003ccode\u003e6978a9c\u003c/code\u003e\u003c/a\u003e refactor: correct logic in \u003ccode\u003ecollectAllModules\u003c/code\u003e function (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22562\"\u003e#22562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/646dbedd2870f8ec48df0321177d8aa64bbd1575\"\u003e\u003ccode\u003e646dbed\u003c/code\u003e\u003c/a\u003e feat: update rolldown to 1.0.3 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22538\"\u003e#22538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/85a0eff1c82bbb7c99a0fe8e63704316578a40d3\"\u003e\u003ccode\u003e85a0eff\u003c/code\u003e\u003c/a\u003e fix: capitalize error messages and remove spurious space in parse error (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22488\"\u003e#22488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v8.0.16/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.0 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ev4.0.6\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435\"\u003e\u003ccode\u003e64190db\u003c/code\u003e\u003c/a\u003e v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ev4.0.6\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435\"\u003e\u003ccode\u003e64190db\u003c/code\u003e\u003c/a\u003e v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd\"\u003e\u003ccode\u003e92ae0eb\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1\"\u003e\u003ccode\u003ef31d21e\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99\"\u003e\u003ccode\u003e8dff42c\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97\"\u003e\u003ccode\u003e67b0f65\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003ejs-randomness-predictor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.5 to 8.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.8...v8.0.9\"\u003e8.0.9\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etwo pending security advisories (jsonTransport access bypass, List-* CRLF injection) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1820\"\u003e#1820\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e5f69497\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.6...v8.0.7\"\u003e8.0.7\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekeep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e66d4ecb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.6\"\u003e8.0.6\u003c/a\u003e (2026-04-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erestore base64 wrap() trim behavior to prevent trailing CRLF (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1810\"\u003e#1810\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1811\"\u003e#1811\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b1ae6c1c2927240737d9f68f316f0c84042b8adb\"\u003eb1ae6c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.8...v8.0.9\"\u003e8.0.9\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etwo pending security advisories (jsonTransport access bypass, List-* CRLF injection) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1820\"\u003e#1820\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e5f69497\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.6...v8.0.7\"\u003e8.0.7\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekeep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e66d4ecb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.6\"\u003e8.0.6\u003c/a\u003e (2026-04-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erestore base64 wrap() trim behavior to prevent trailing CRLF (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1810\"\u003e#1810\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1811\"\u003e#1811\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b1ae6c1c2927240737d9f68f316f0c84042b8adb\"\u003eb1ae6c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/07303cb0cb34b97b44856f5de3eff212b63e4567\"\u003e\u003ccode\u003e07303cb\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.9 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1821\"\u003e#1821\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/5f694977da2e0e13dc947037566e8e689a01217e\"\u003e\u003ccode\u003e5f69497\u003c/code\u003e\u003c/a\u003e fix: two pending security advisories (jsonTransport access bypass, List-* CRL...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/15138a84c543c20aa399218534cdbbfa2ea1ce55\"\u003e\u003ccode\u003e15138a8\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.8 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1819\"\u003e#1819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e\u003ccode\u003e850bb91\u003c/code\u003e\u003c/a\u003e fix: four listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e\u003ccode\u003e833d6e5\u003c/code\u003e\u003c/a\u003e fix: enforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/1997040e23e5df901b8ee085ae3fc1fdbdd06f9f\"\u003e\u003ccode\u003e1997040\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.7 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1815\"\u003e#1815\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9b9c545dcfae3b884d5b92bf3196e674066e8b3e\"\u003e\u003ccode\u003e9b9c545\u003c/code\u003e\u003c/a\u003e chore: drop nodemailer-ntlm-auth devDependency (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1816\"\u003e#1816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/22bf90cf111f02b7a0271494d85b48adcc8ab0a1\"\u003e\u003ccode\u003e22bf90c\u003c/code\u003e\u003c/a\u003e Bumped dev deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/66d4ecb5aa431f3614a26b3c08b9c63cdf32a9ea\"\u003e\u003ccode\u003e66d4ecb\u003c/code\u003e\u003c/a\u003e fix: keep domain as UTF-8 when local part is non-ASCII (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1814\"\u003e#1814\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/6a4a01e1c94a469d8dc56cc858ea5beb80e1f9b8\"\u003e\u003ccode\u003e6a4a01e\u003c/code\u003e\u003c/a\u003e Fix/base64 wrap trailing crlf (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1813\"\u003e#1813\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.5...v8.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/abhisek2004/Dev-Elevate/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/abhisek2004/Dev-Elevate/pull/760","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisek2004%2FDev-Elevate/issues/760","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/760/packages"}},{"old_version":"3.3.3","new_version":"3.4.9","update_type":"minor","path":null,"pr_created_at":"2026-06-16T00:46:23.000Z","version_change":"3.3.3 → 3.4.9","issue":{"uuid":"4670045357","node_id":"PR_kwDOSDVEus7mytpy","number":83,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 14 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-16T00:46:37.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-16T00:46:23.000Z","updated_at":"2026-06-16T00:46:46.000Z","time_to_close":14,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":14,"packages":[{"name":"@grpc/grpc-js","old_version":"1.8.22","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"axios","old_version":"0.30.3","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.13.6","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"liquidjs","old_version":"10.25.1","new_version":"10.26.0","repository_url":"https://github.com/harttle/liquidjs"},{"name":"protobufjs","old_version":"7.2.6","new_version":"7.6.3","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"qs","old_version":"6.14.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"dompurify","old_version":"3.3.3","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"fast-xml-parser","old_version":"5.2.5","new_version":"5.7.3","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"esbuild","old_version":"0.21.5","new_version":"removed","repository_url":"https://github.com/evanw/esbuild"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"ip-address","old_version":"10.1.0","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.8.22` | `1.14.4` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [axios](https://github.com/axios/axios) | `0.30.3` | `1.18.0` |\n| [axios](https://github.com/axios/axios) | `1.13.6` | `1.18.0` |\n| [liquidjs](https://github.com/harttle/liquidjs) | `10.25.1` | `10.26.0` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.2.6` | `7.6.3` |\n| [qs](https://github.com/ljharb/qs) | `6.14.2` | `6.15.2` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.3` | `3.4.9` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.2.5` | `5.7.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `removed` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `10.1.0` | `10.2.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\n\nUpdates `@grpc/grpc-js` from 1.8.22 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSend halfClose immediately after messages to prevent late halfClose issues with Envoy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3031\"\u003e#3031\u003c/a\u003e contributed by \u003ca href=\"https://github.com/serkanerip\"\u003e\u003ccode\u003e@​serkanerip\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix server keep alive timeout not properly destroying connections (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3022\"\u003e#3022\u003c/a\u003e contributed by \u003ca href=\"https://github.com/mattias-wiberg\"\u003e\u003ccode\u003e@​mattias-wiberg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regression of the settings used internally for HTTP/2 sessions (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3023\"\u003e#3023\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js-xds\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement RBAC support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A41-xds-rbac.md\"\u003egRFC A41\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2939\"\u003e#2939\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2945\"\u003e#2945\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eweighted_round_robin\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3001\"\u003e#3001\u003c/a\u003e) (currently experimental, enabled by the environment variable \u003ccode\u003eGRPC_EXPERIMENTAL_XDS_WRR_LB\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ewrr_locality\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3003\"\u003e#3003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003egetAuthContext\u003c/code\u003e method to client and server call classes (more details can be found in \u003ca href=\"https://github.com/grpc/proposal/blob/master/L35-node-getAuthContext.md\"\u003egRFC L35\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2920\"\u003e#2920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement custom backend metrics support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A51-custom-backend-metrics.md\"\u003egRFC A51\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2978\"\u003e#2978\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2983\"\u003e#2983\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2985\"\u003e#2985\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2986\"\u003e#2986\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2999\"\u003e#2999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egetConnectionInfo\u003c/code\u003e method to the \u003ccode\u003eServerInterceptingCall\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2922\"\u003e#2922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement the \u003ccode\u003eweighted_round_robin\u003c/code\u003e load balancing policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2998\"\u003e#2998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix jitter behavior for client retries (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2960\"\u003e#2960\u003c/a\u003e contributed by \u003ca href=\"https://github.com/ekscentrysytet\"\u003e\u003ccode\u003e@​ekscentrysytet\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStart connecting from a random index in the \u003ccode\u003eround_robin\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2979\"\u003e#2979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSend connection-level WINDOW_UPDATE at session start (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2971\"\u003e#2971\u003c/a\u003e contributed by \u003ca href=\"https://github.com/KoenRijpstra\"\u003e\u003ccode\u003e@​KoenRijpstra\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eExperimental API Changes\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eCHANNEL_ARGS_CONFIG_SELECTOR_KEY\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eStatusOr\u0026lt;T\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCallStream\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromError\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModified:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResolverListener#onSuccessfulResolution\u003c/code\u003e now has the signature \u003ccode\u003e(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;, attributes: { [key: string]: unknown }, serviceConfig: StatusOr\u0026lt;ServiceConfig\u0026gt; | null, resolutionNote: string): boolean\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLoadBalancer#updateAddressList\u003c/code\u003e now has the signature `updateAddressList(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ability to set SNI with \u003ccode\u003essl_target_name_override\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2956\"\u003e#2956\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ccd29b27d28ce8937f8250f72e5e6027ed5af09a\"\u003e\u003ccode\u003eccd29b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3032\"\u003e#3032\u003c/a\u003e from murgatroid99/grpc-js_retry_half_close_1.14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.22...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSend halfClose immediately after messages to prevent late halfClose issues with Envoy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3031\"\u003e#3031\u003c/a\u003e contributed by \u003ca href=\"https://github.com/serkanerip\"\u003e\u003ccode\u003e@​serkanerip\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix server keep alive timeout not properly destroying connections (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3022\"\u003e#3022\u003c/a\u003e contributed by \u003ca href=\"https://github.com/mattias-wiberg\"\u003e\u003ccode\u003e@​mattias-wiberg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regression of the settings used internally for HTTP/2 sessions (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3023\"\u003e#3023\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js-xds\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement RBAC support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A41-xds-rbac.md\"\u003egRFC A41\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2939\"\u003e#2939\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2945\"\u003e#2945\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eweighted_round_robin\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3001\"\u003e#3001\u003c/a\u003e) (currently experimental, enabled by the environment variable \u003ccode\u003eGRPC_EXPERIMENTAL_XDS_WRR_LB\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ewrr_locality\u003c/code\u003e to LB policy registry (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3003\"\u003e#3003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.0\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003egetAuthContext\u003c/code\u003e method to client and server call classes (more details can be found in \u003ca href=\"https://github.com/grpc/proposal/blob/master/L35-node-getAuthContext.md\"\u003egRFC L35\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2920\"\u003e#2920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement custom backend metrics support (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A51-custom-backend-metrics.md\"\u003egRFC A51\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2978\"\u003e#2978\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2983\"\u003e#2983\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2985\"\u003e#2985\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2986\"\u003e#2986\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2999\"\u003e#2999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egetConnectionInfo\u003c/code\u003e method to the \u003ccode\u003eServerInterceptingCall\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2922\"\u003e#2922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement the \u003ccode\u003eweighted_round_robin\u003c/code\u003e load balancing policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2998\"\u003e#2998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix jitter behavior for client retries (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2960\"\u003e#2960\u003c/a\u003e contributed by \u003ca href=\"https://github.com/ekscentrysytet\"\u003e\u003ccode\u003e@​ekscentrysytet\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStart connecting from a random index in the \u003ccode\u003eround_robin\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2979\"\u003e#2979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSend connection-level WINDOW_UPDATE at session start (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2971\"\u003e#2971\u003c/a\u003e contributed by \u003ca href=\"https://github.com/KoenRijpstra\"\u003e\u003ccode\u003e@​KoenRijpstra\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eExperimental API Changes\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eCHANNEL_ARGS_CONFIG_SELECTOR_KEY\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eStatusOr\u0026lt;T\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCallStream\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003estatusOrFromError\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModified:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResolverListener#onSuccessfulResolution\u003c/code\u003e now has the signature \u003ccode\u003e(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;, attributes: { [key: string]: unknown }, serviceConfig: StatusOr\u0026lt;ServiceConfig\u0026gt; | null, resolutionNote: string): boolean\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLoadBalancer#updateAddressList\u003c/code\u003e now has the signature `updateAddressList(endpointList: StatusOr\u0026lt;Endpoint[]\u0026gt;,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.13.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ability to set SNI with \u003ccode\u003essl_target_name_override\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2956\"\u003e#2956\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ccd29b27d28ce8937f8250f72e5e6027ed5af09a\"\u003e\u003ccode\u003eccd29b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3032\"\u003e#3032\u003c/a\u003e from murgatroid99/grpc-js_retry_half_close_1.14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.22...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.30.3 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `liquidjs` from 10.25.1 to 10.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/harttle/liquidjs/releases\"\u003eliquidjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.26.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.7...v10.26.0\"\u003e10.26.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edate:\u003c/strong\u003e cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e3129d46\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e5b9c346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epropagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003edbbf628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e457fae0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estrip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e26ea285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estrip_html:\u003c/strong\u003e rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e3616a74\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e1c816d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.6...v10.25.7\"\u003e10.25.7\u003c/a\u003e (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efilters:\u003c/strong\u003e support Buffer input in base64_encode to prevent binary data corruption (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/881\"\u003e#881\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/0ee6dbb511aa926f6d490293282060abf3bab37f\"\u003e0ee6dbb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.5...v10.25.6\"\u003e10.25.6\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enested block for layout (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e2311dfd6e82f73509308aa8a3a1fafc92e226f0\"\u003ee2311df\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5\"\u003e10.25.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce root containment for renderFile/parseFile lookups (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04\"\u003ef41c1fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enull date should return empty (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/868\"\u003e#868\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8\"\u003e4f9a499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erounding negative away from zero when half (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/873\"\u003e#873\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f\"\u003e1cdf10b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.25.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4\"\u003e10.25.4\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md\"\u003eliquidjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.7...v10.26.0\"\u003e10.26.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edate:\u003c/strong\u003e cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e3129d46\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e5b9c346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epropagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003edbbf628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e457fae0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estrip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e26ea285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estrip_html:\u003c/strong\u003e rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e3616a74\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e1c816d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.6...v10.25.7\"\u003e10.25.7\u003c/a\u003e (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efilters:\u003c/strong\u003e support Buffer input in base64_encode to prevent binary data corruption (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/881\"\u003e#881\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/0ee6dbb511aa926f6d490293282060abf3bab37f\"\u003e0ee6dbb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.5...v10.25.6\"\u003e10.25.6\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enested block for layout (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e2311dfd6e82f73509308aa8a3a1fafc92e226f0\"\u003ee2311df\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5\"\u003e10.25.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce root containment for renderFile/parseFile lookups (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04\"\u003ef41c1fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enull date should return empty (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/868\"\u003e#868\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8\"\u003e4f9a499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erounding negative away from zero when half (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/873\"\u003e#873\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f\"\u003e1cdf10b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4\"\u003e10.25.4\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esort and sort_natural filters bypass ownPropertyOnly (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/harttle/liquidjs/commit/e743da0020d34e2ee547e1cc1a86b58377ebe1ce\"\u003ee743da0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.2...v10.25.3\"\u003e10.25.3\u003c/a\u003e (2026-04-06)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/c20c0af02d33e8d2ca6b08925eadca8755257c39\"\u003e\u003ccode\u003ec20c0af\u003c/code\u003e\u003c/a\u003e chore(release): 10.26.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/457fae0736c3ec862539b9dbf7f477e6c08fb6c6\"\u003e\u003ccode\u003e457fae0\u003c/code\u003e\u003c/a\u003e fix(security): block Object.prototype filter/tag lookups (RCE) (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/3616a744b9abeb425c217b340a2397d46176afb8\"\u003e\u003ccode\u003e3616a74\u003c/code\u003e\u003c/a\u003e fix(strip_html): rewrite as linear single-pass scan to avoid ReDoS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/896\"\u003e#896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/3129d46dc95efa357b00e5a57ee1af80a13d72ed\"\u003e\u003ccode\u003e3129d46\u003c/code\u003e\u003c/a\u003e fix(date): cap strftime widths and account padding in memoryLimit (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/895\"\u003e#895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/5b9c3469085e01c79e2d0af28e2a13f730e1793d\"\u003e\u003ccode\u003e5b9c346\u003c/code\u003e\u003c/a\u003e fix: enforce renderLimit for empty renderTemplates calls (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/894\"\u003e#894\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6\"\u003e\u003ccode\u003edbbf628\u003c/code\u003e\u003c/a\u003e fix: propagate ownPropertyOnly into Context.spawn() for {% render %} (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/893\"\u003e#893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/26ea2856c7a90aec892b98d94a9b7a3e18539045\"\u003e\u003ccode\u003e26ea285\u003c/code\u003e\u003c/a\u003e fix: strip html newline tags (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/892\"\u003e#892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/a55f543f49aea8f769e680b0d115aa903952efd0\"\u003e\u003ccode\u003ea55f543\u003c/code\u003e\u003c/a\u003e docs(readme): add Freshet to Who's Using LiquidJS (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/888\"\u003e#888\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/d1d517d1eca66fff546beb98131e8254d6eccad1\"\u003e\u003ccode\u003ed1d517d\u003c/code\u003e\u003c/a\u003e docs: add VladimirFilonov as a contributor for code (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/891\"\u003e#891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/harttle/liquidjs/commit/1c816d4fc3bcd2cba011f7a84f56a4251fca0622\"\u003e\u003ccode\u003e1c816d4\u003c/code\u003e\u003c/a\u003e feat: add sha256 and hmac_sha256 filters for cryptographic operations (\u003ca href=\"https://redirect.github.com/harttle/liquidjs/issues/889\"\u003e#889\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/harttle/liquidjs/compare/v10.25.1...v10.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 7.2.6 to 7.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.6.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.2...protobufjs-v7.6.3\"\u003e7.6.3\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid name collisions in generated code (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2311\"\u003e#2311\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/78a9576269a5b590c54686a8122e78e28135cd50\"\u003e78a9576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve null conversion behavior for fieldless messages (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2312\"\u003e#2312\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/df91652aa5cb1ee0204566252df85cbe752298a6\"\u003edf91652\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.1...protobufjs-v7.6.2\"\u003e7.6.2\u003c/a\u003e (2026-05-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport consistency and correctness fixes (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2294\"\u003e#2294\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a92f72e1cb731f06040a7917d3e041666d5f5601\"\u003ea92f72e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned in converters (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2266\"\u003e#2266\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/479dfdcc690feb9f71986049d3d38c7a0f979abb\"\u003e479dfdc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.6.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.9...protobufjs-v7.6.0\"\u003e7.6.0\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport BigInt conversions (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2258\"\u003e#2258\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/f76924244504b159efe1bb13b154fd17be3c13e7\"\u003ef769242\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.6.3/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.2...protobufjs-v7.6.3\"\u003e7.6.3\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid name collisions in generated code (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2311\"\u003e#2311\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/78a9576269a5b590c54686a8122e78e28135cd50\"\u003e78a9576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve null conversion behavior for fieldless messages (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2312\"\u003e#2312\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/df91652aa5cb1ee0204566252df85cbe752298a6\"\u003edf91652\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.1...protobufjs-v7.6.2\"\u003e7.6.2\u003c/a\u003e (2026-05-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport consistency and correctness fixes (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2294\"\u003e#2294\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a92f72e1cb731f06040a7917d3e041666d5f5601\"\u003ea92f72e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.6.0...protobufjs-v7.6.1\"\u003e7.6.1\u003c/a\u003e (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport misc utility hardening (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2280\"\u003e#2280\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/8a45c13d22ec2d05ab1b7935fcb5331ea59a9cd0\"\u003e8a45c13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat fixed64 as unsigned ...\n\n_Description has been truncated_","html_url":"https://github.com/lhy8888/uptime/pull/83","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lhy8888%2Fuptime/issues/83","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/83/packages"}},{"old_version":"3.3.1","new_version":"3.4.9","update_type":"minor","path":null,"pr_created_at":"2026-06-15T23:58:26.000Z","version_change":"3.3.1 → 3.4.9","issue":{"uuid":"4669835393","node_id":"PR_kwDORTfhNM7myCHG","number":1,"state":"open","title":"build(deps): bump the npm_and_yarn group across 2 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:58:26.000Z","updated_at":"2026-06-15T23:59:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"dompurify","old_version":"3.3.1","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"vite","old_version":"7.3.1","new_version":"7.3.5","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"4.0.18","new_version":"4.1.0","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@whiskeysockets/baileys","old_version":"7.0.0-rc.9","new_version":"7.0.0-rc12","repository_url":"https://github.com/WhiskeySockets/Baileys"},{"name":"markdown-it","old_version":"14.1.1","new_version":"14.2.0","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"tar","old_version":"7.5.9","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /ui directory: [dompurify](https://github.com/cure53/DOMPurify), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).\nBumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.1` | `3.4.9` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.5` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.0` |\n| [@whiskeysockets/baileys](https://github.com/WhiskeySockets/Baileys) | `7.0.0-rc.9` | `7.0.0-rc12` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.1` | `14.2.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.9` | `7.5.16` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n\n\nUpdates `dompurify` from 3.3.1 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.5\"\u003e7.3.5\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip v7.3.4 release (\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e8a6a0c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.4\"\u003e7.3.4\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/077945cb60df372a52cf999b6e532ba70fac7423\"\u003e\u003ccode\u003e077945c\u003c/code\u003e\u003c/a\u003e release: v7.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e\u003ccode\u003e8a6a0c9\u003c/code\u003e\u003c/a\u003e chore: skip v7.3.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e\u003ccode\u003e8c18556\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22574\"\u003e#22574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003e\u003ccode\u003ef20d64b\u003c/code\u003e\u003c/a\u003e fix(deps): backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.5/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.0.18 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cp\u003eVitest 4.1 is out!\u003c/p\u003e\n\u003cp\u003eThis release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our \u003ca href=\"https://vitest.dev/blog/vitest-4-1\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReturn a disposable from doMock()  -  by \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9332\"\u003evitest-dev/vitest#9332\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e3e659a96\"\u003e\u003c!-- raw HTML omitted --\u003e(e3e65)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded chai style assertions  -  by \u003ca href=\"https://github.com/ronnakamoto\"\u003e\u003ccode\u003e@​ronnakamoto\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8842\"\u003evitest-dev/vitest#8842\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/841df9ac5\"\u003e\u003c!-- raw HTML omitted --\u003e(841df)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to sinon/fake-timers v15 and add \u003ccode\u003esetTickMode\u003c/code\u003e to timer controls  -  by \u003ca href=\"https://github.com/atscott\"\u003e\u003ccode\u003e@​atscott\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8726\"\u003evitest-dev/vitest#8726\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4b480aaed\"\u003e\u003c!-- raw HTML omitted --\u003e(4b480)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose matcher types  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9448\"\u003evitest-dev/vitest#9448\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e4b913b1\"\u003e\u003c!-- raw HTML omitted --\u003e(3e4b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etoTestSpecification\u003c/code\u003e to reported tasks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9464\"\u003evitest-dev/vitest#9464\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1a4705da9\"\u003e\u003c!-- raw HTML omitted --\u003e(1a470)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow a warning if \u003ccode\u003evi.mock\u003c/code\u003e or \u003ccode\u003evi.hoisted\u003c/code\u003e are declared outside of top level of the module  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9387\"\u003evitest-dev/vitest#9387\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5db54a468\"\u003e\u003c!-- raw HTML omitted --\u003e(5db54)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTrack and display expectedly failed tests (.fails) in UI and CLI  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9476\"\u003evitest-dev/vitest#9476\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/77d75fd34\"\u003e\u003c!-- raw HTML omitted --\u003e(77d75)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport tags  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9478\"\u003evitest-dev/vitest#9478\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/de7c8a521\"\u003e\u003c!-- raw HTML omitted --\u003e(de7c8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003earoundEach\u003c/code\u003e and \u003ccode\u003earoundAll\u003c/code\u003e hooks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9450\"\u003evitest-dev/vitest#9450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2a8cb9dc2\"\u003e\u003c!-- raw HTML omitted --\u003e(2a8cb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize experimental features  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9529\"\u003evitest-dev/vitest#9529\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b5fd2a16a\"\u003e\u003c!-- raw HTML omitted --\u003e(b5fd2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept \u003ccode\u003enew\u003c/code\u003e or \u003ccode\u003eall\u003c/code\u003e in \u003ccode\u003e--update\u003c/code\u003e flag  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9543\"\u003evitest-dev/vitest#9543\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a5acf28a5\"\u003e\u003c!-- raw HTML omitted --\u003e(a5acf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003emeta\u003c/code\u003e in test options  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9535\"\u003evitest-dev/vitest#9535\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7d622e3d1\"\u003e\u003c!-- raw HTML omitted --\u003e(7d622)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport type inference with a new \u003ccode\u003etest.extend\u003c/code\u003e syntax  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9550\"\u003evitest-dev/vitest#9550\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e53854fcc\"\u003e\u003c!-- raw HTML omitted --\u003e(e5385)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport vite 8 beta, fix type issues in the config with different vite versions  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9587\"\u003evitest-dev/vitest#9587\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/990281dfd\"\u003e\u003c!-- raw HTML omitted --\u003e(99028)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd assertion helper to hide internal stack traces  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9594\"\u003evitest-dev/vitest#9594\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/eeb0ae2f8\"\u003e\u003c!-- raw HTML omitted --\u003e(eeb0a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStore failure screenshots using artifacts API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9588\"\u003evitest-dev/vitest#9588\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/24603e3c4\"\u003e\u003c!-- raw HTML omitted --\u003e(24603)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003evitest list\u003c/code\u003e to statically collect tests instead of running files to collect them  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9630\"\u003evitest-dev/vitest#9630\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7a8e7fc20\"\u003e\u003c!-- raw HTML omitted --\u003e(7a8e7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--detect-async-leaks\u003c/code\u003e  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9528\"\u003evitest-dev/vitest#9528\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c594d4af3\"\u003e\u003c!-- raw HTML omitted --\u003e(c594d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003emockThrow\u003c/code\u003e and \u003ccode\u003emockThrowOnce\u003c/code\u003e  -  by \u003ca href=\"https://github.com/thor-juhasz\"\u003e\u003ccode\u003e@​thor-juhasz\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9512\"\u003evitest-dev/vitest#9512\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/619179fb7\"\u003e\u003c!-- raw HTML omitted --\u003e(61917)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eupdate: \u0026quot;none\u0026quot;\u003c/code\u003e and add docs about snapshots behavior on CI  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9700\"\u003evitest-dev/vitest#9700\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/05f1854e2\"\u003e\u003c!-- raw HTML omitted --\u003e(05f18)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright \u003ccode\u003elaunchOptions\u003c/code\u003e with \u003ccode\u003econnectOptions\u003c/code\u003e  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9702\"\u003evitest-dev/vitest#9702\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f0ff1b2a0\"\u003e\u003c!-- raw HTML omitted --\u003e(f0ff1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epage/locator.mark\u003c/code\u003e API to enhance playwright trace  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9652\"\u003evitest-dev/vitest#9652\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d0ee546fe\"\u003e\u003c!-- raw HTML omitted --\u003e(d0ee5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport tests starting or ending with \u003ccode\u003etest\u003c/code\u003e in \u003ccode\u003eexperimental_parseSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/jgillick\"\u003e\u003ccode\u003e@​jgillick\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eJeremy Gillick\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9235\"\u003evitest-dev/vitest#9235\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2f367fad3\"\u003e\u003c!-- raw HTML omitted --\u003e(2f367)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd filters to \u003ccode\u003ecreateSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9336\"\u003evitest-dev/vitest#9336\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8e6c7fbf\"\u003e\u003c!-- raw HTML omitted --\u003e(c8e6c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose \u003ccode\u003erunTestFiles\u003c/code\u003e as alternative to \u003ccode\u003erunTestSpecifications\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9443\"\u003evitest-dev/vitest#9443\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/43d761821\"\u003e\u003c!-- raw HTML omitted --\u003e(43d76)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9350\"\u003evitest-dev/vitest#9350\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/20e00ef78\"\u003e\u003c!-- raw HTML omitted --\u003e(20e00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing down test cases to \u003ccode\u003etoTestSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9627\"\u003evitest-dev/vitest#9627\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6f17d5ddf\"\u003e\u003c!-- raw HTML omitted --\u003e(6f17d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003euserEvent.wheel\u003c/code\u003e API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9188\"\u003evitest-dev/vitest#9188\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/660801979\"\u003e\u003c!-- raw HTML omitted --\u003e(66080)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efilterNode\u003c/code\u003e option to prettyDOM for filtering browser assertion error output  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9475\"\u003evitest-dev/vitest#9475\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d3220fcd8\"\u003e\u003c!-- raw HTML omitted --\u003e(d3220)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright persistent context  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9229\"\u003evitest-dev/vitest#9229\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f865d2ba4\"\u003e\u003c!-- raw HTML omitted --\u003e(f865d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edetailsPanelPosition\u003c/code\u003e option and button  -  by \u003ca href=\"https://github.com/shairez\"\u003e\u003ccode\u003e@​shairez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9525\"\u003evitest-dev/vitest#9525\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8a31147c\"\u003e\u003c!-- raw HTML omitted --\u003e(c8a31)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse BlazeDiff instead of pixelmatch  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9514\"\u003evitest-dev/vitest#9514\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/309362089\"\u003e\u003c!-- raw HTML omitted --\u003e(30936)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efindElement\u003c/code\u003e and enable strict mode in webdriverio and preview  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9677\"\u003evitest-dev/vitest#9677\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3f37721c\"\u003e\u003c!-- raw HTML omitted --\u003e(c3f37)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/bomb\"\u003e\u003ccode\u003e@​bomb\u003c/code\u003e\u003c/a\u003e.sh/tab completions  -  by \u003ca href=\"https://github.com/AmirSa12\"\u003e\u003ccode\u003e@​AmirSa12\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8639\"\u003evitest-dev/vitest#8639\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/200f31704\"\u003e\u003c!-- raw HTML omitted --\u003e(200f3)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003eignore start/stop\u003c/code\u003e ignore hints  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9204\"\u003evitest-dev/vitest#9204\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e59c94ba6\"\u003e\u003c!-- raw HTML omitted --\u003e(e59c9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecoverage.changed\u003c/code\u003e option to report only changed files  -  by \u003ca href=\"https://github.com/kykim00\"\u003e\u003ccode\u003e@​kykim00\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9521\"\u003evitest-dev/vitest#9521\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d9392c67\"\u003e\u003c!-- raw HTML omitted --\u003e(1d939)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonModuleRunner\u003c/code\u003e hook to \u003ccode\u003eworker.init\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9286\"\u003evitest-dev/vitest#9286\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e977f3deb\"\u003e\u003c!-- raw HTML omitted --\u003e(e977f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOption to disable the module runner  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9210\"\u003evitest-dev/vitest#9210\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9be6121ee\"\u003e\u003c!-- raw HTML omitted --\u003e(9be61)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45\"\u003e\u003ccode\u003e4150b91\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/1de0aa22dd6311a93546a75a3c58a6be519c1baf\"\u003e\u003ccode\u003e1de0aa2\u003c/code\u003e\u003c/a\u003e fix: correctly identify concurrent test during static analysis (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9846\"\u003e#9846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3cac1c1b5a91d921942e9391fbd94841717363f\"\u003e\u003ccode\u003ec3cac1c\u003c/code\u003e\u003c/a\u003e fix: use isAgent check, not just TTY, for watch mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9841\"\u003e#9841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/eab68ba2b8ea6f89717c0b885c573579659d7c3b\"\u003e\u003ccode\u003eeab68ba\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9824\"\u003e#9824\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/031f02a89be34491c441b4da9c4e2bacb7db71df\"\u003e\u003ccode\u003e031f02a\u003c/code\u003e\u003c/a\u003e fix: allow catch/finally for async assertion (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9827\"\u003e#9827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e9e096a231fa0ec6475da82e36cbd6fcc9bc8f9\"\u003e\u003ccode\u003e3e9e096\u003c/code\u003e\u003c/a\u003e feat(reporters): add \u003ccode\u003eagent\u003c/code\u003e reporter to reduce ai agent token usage (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9779\"\u003e#9779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2\"\u003e\u003ccode\u003e0c2c013\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0-beta.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8181e06e765f4d043818b244c76795022fa78ff6\"\u003e\u003ccode\u003e8181e06\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003ehideSkippedTests\u003c/code\u003e should not hide \u003ccode\u003etest.todo\u003c/code\u003e (fix \u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9562\"\u003e#9562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9781\"\u003e#9781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8216b0014b83612e40ef49f919d5293b68717b3\"\u003e\u003ccode\u003ea8216b0\u003c/code\u003e\u003c/a\u003e fix: manual and redirect mock shouldn't \u003ccode\u003eload\u003c/code\u003e or \u003ccode\u003etransform\u003c/code\u003e original module...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50\"\u003e\u003ccode\u003e689a22a\u003c/code\u003e\u003c/a\u003e fix(browser): types of \u003ccode\u003egetCDPSession\u003c/code\u003e and \u003ccode\u003ecdp()\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9716\"\u003e#9716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.1 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.5\"\u003e7.3.5\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip v7.3.4 release (\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e8a6a0c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.3...v7.3.4\"\u003e7.3.4\u003c/a\u003e (2026-06-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22574\"\u003e#22574\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e8c18556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e backport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22573\"\u003e#22573\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003ef20d64b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/077945cb60df372a52cf999b6e532ba70fac7423\"\u003e\u003ccode\u003e077945c\u003c/code\u003e\u003c/a\u003e release: v7.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8a6a0c9fc734dbfe293ac33a4954506ee50430e1\"\u003e\u003ccode\u003e8a6a0c9\u003c/code\u003e\u003c/a\u003e chore: skip v7.3.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/8c1855607b7c9884c4565d897ee98899a008a2d0\"\u003e\u003ccode\u003e8c18556\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22572\"\u003e#22572\u003c/a\u003e, reject windows alternate paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22574\"\u003e#22574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f20d64bef6e0ef1e4fa7a9783281c7bba0ce5292\"\u003e\u003ccode\u003ef20d64b\u003c/code\u003e\u003c/a\u003e fix(deps): backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22571\"\u003e#22571\u003c/a\u003e, reject UNC paths for launch-editor-middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/2\"\u003e#2\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.5/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.0.18 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cp\u003eVitest 4.1 is out!\u003c/p\u003e\n\u003cp\u003eThis release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our \u003ca href=\"https://vitest.dev/blog/vitest-4-1\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReturn a disposable from doMock()  -  by \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9332\"\u003evitest-dev/vitest#9332\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e3e659a96\"\u003e\u003c!-- raw HTML omitted --\u003e(e3e65)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded chai style assertions  -  by \u003ca href=\"https://github.com/ronnakamoto\"\u003e\u003ccode\u003e@​ronnakamoto\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8842\"\u003evitest-dev/vitest#8842\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/841df9ac5\"\u003e\u003c!-- raw HTML omitted --\u003e(841df)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to sinon/fake-timers v15 and add \u003ccode\u003esetTickMode\u003c/code\u003e to timer controls  -  by \u003ca href=\"https://github.com/atscott\"\u003e\u003ccode\u003e@​atscott\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8726\"\u003evitest-dev/vitest#8726\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4b480aaed\"\u003e\u003c!-- raw HTML omitted --\u003e(4b480)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose matcher types  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9448\"\u003evitest-dev/vitest#9448\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e4b913b1\"\u003e\u003c!-- raw HTML omitted --\u003e(3e4b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etoTestSpecification\u003c/code\u003e to reported tasks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9464\"\u003evitest-dev/vitest#9464\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1a4705da9\"\u003e\u003c!-- raw HTML omitted --\u003e(1a470)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow a warning if \u003ccode\u003evi.mock\u003c/code\u003e or \u003ccode\u003evi.hoisted\u003c/code\u003e are declared outside of top level of the module  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9387\"\u003evitest-dev/vitest#9387\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5db54a468\"\u003e\u003c!-- raw HTML omitted --\u003e(5db54)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTrack and display expectedly failed tests (.fails) in UI and CLI  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9476\"\u003evitest-dev/vitest#9476\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/77d75fd34\"\u003e\u003c!-- raw HTML omitted --\u003e(77d75)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport tags  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9478\"\u003evitest-dev/vitest#9478\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/de7c8a521\"\u003e\u003c!-- raw HTML omitted --\u003e(de7c8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003earoundEach\u003c/code\u003e and \u003ccode\u003earoundAll\u003c/code\u003e hooks  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9450\"\u003evitest-dev/vitest#9450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2a8cb9dc2\"\u003e\u003c!-- raw HTML omitted --\u003e(2a8cb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize experimental features  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9529\"\u003evitest-dev/vitest#9529\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b5fd2a16a\"\u003e\u003c!-- raw HTML omitted --\u003e(b5fd2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAccept \u003ccode\u003enew\u003c/code\u003e or \u003ccode\u003eall\u003c/code\u003e in \u003ccode\u003e--update\u003c/code\u003e flag  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9543\"\u003evitest-dev/vitest#9543\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a5acf28a5\"\u003e\u003c!-- raw HTML omitted --\u003e(a5acf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003emeta\u003c/code\u003e in test options  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9535\"\u003evitest-dev/vitest#9535\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7d622e3d1\"\u003e\u003c!-- raw HTML omitted --\u003e(7d622)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport type inference with a new \u003ccode\u003etest.extend\u003c/code\u003e syntax  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9550\"\u003evitest-dev/vitest#9550\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e53854fcc\"\u003e\u003c!-- raw HTML omitted --\u003e(e5385)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport vite 8 beta, fix type issues in the config with different vite versions  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9587\"\u003evitest-dev/vitest#9587\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/990281dfd\"\u003e\u003c!-- raw HTML omitted --\u003e(99028)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd assertion helper to hide internal stack traces  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9594\"\u003evitest-dev/vitest#9594\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/eeb0ae2f8\"\u003e\u003c!-- raw HTML omitted --\u003e(eeb0a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStore failure screenshots using artifacts API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9588\"\u003evitest-dev/vitest#9588\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/24603e3c4\"\u003e\u003c!-- raw HTML omitted --\u003e(24603)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003evitest list\u003c/code\u003e to statically collect tests instead of running files to collect them  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9630\"\u003evitest-dev/vitest#9630\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7a8e7fc20\"\u003e\u003c!-- raw HTML omitted --\u003e(7a8e7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--detect-async-leaks\u003c/code\u003e  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9528\"\u003evitest-dev/vitest#9528\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c594d4af3\"\u003e\u003c!-- raw HTML omitted --\u003e(c594d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003emockThrow\u003c/code\u003e and \u003ccode\u003emockThrowOnce\u003c/code\u003e  -  by \u003ca href=\"https://github.com/thor-juhasz\"\u003e\u003ccode\u003e@​thor-juhasz\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9512\"\u003evitest-dev/vitest#9512\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/619179fb7\"\u003e\u003c!-- raw HTML omitted --\u003e(61917)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eupdate: \u0026quot;none\u0026quot;\u003c/code\u003e and add docs about snapshots behavior on CI  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9700\"\u003evitest-dev/vitest#9700\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/05f1854e2\"\u003e\u003c!-- raw HTML omitted --\u003e(05f18)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright \u003ccode\u003elaunchOptions\u003c/code\u003e with \u003ccode\u003econnectOptions\u003c/code\u003e  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9702\"\u003evitest-dev/vitest#9702\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f0ff1b2a0\"\u003e\u003c!-- raw HTML omitted --\u003e(f0ff1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epage/locator.mark\u003c/code\u003e API to enhance playwright trace  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9652\"\u003evitest-dev/vitest#9652\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d0ee546fe\"\u003e\u003c!-- raw HTML omitted --\u003e(d0ee5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport tests starting or ending with \u003ccode\u003etest\u003c/code\u003e in \u003ccode\u003eexperimental_parseSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/jgillick\"\u003e\u003ccode\u003e@​jgillick\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eJeremy Gillick\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9235\"\u003evitest-dev/vitest#9235\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2f367fad3\"\u003e\u003c!-- raw HTML omitted --\u003e(2f367)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd filters to \u003ccode\u003ecreateSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9336\"\u003evitest-dev/vitest#9336\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8e6c7fbf\"\u003e\u003c!-- raw HTML omitted --\u003e(c8e6c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose \u003ccode\u003erunTestFiles\u003c/code\u003e as alternative to \u003ccode\u003erunTestSpecifications\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9443\"\u003evitest-dev/vitest#9443\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/43d761821\"\u003e\u003c!-- raw HTML omitted --\u003e(43d76)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9350\"\u003evitest-dev/vitest#9350\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/20e00ef78\"\u003e\u003c!-- raw HTML omitted --\u003e(20e00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing down test cases to \u003ccode\u003etoTestSpecification\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9627\"\u003evitest-dev/vitest#9627\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6f17d5ddf\"\u003e\u003c!-- raw HTML omitted --\u003e(6f17d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003euserEvent.wheel\u003c/code\u003e API  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9188\"\u003evitest-dev/vitest#9188\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/660801979\"\u003e\u003c!-- raw HTML omitted --\u003e(66080)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efilterNode\u003c/code\u003e option to prettyDOM for filtering browser assertion error output  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9475\"\u003evitest-dev/vitest#9475\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/d3220fcd8\"\u003e\u003c!-- raw HTML omitted --\u003e(d3220)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport playwright persistent context  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eClaude Opus 4.6\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9229\"\u003evitest-dev/vitest#9229\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f865d2ba4\"\u003e\u003c!-- raw HTML omitted --\u003e(f865d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edetailsPanelPosition\u003c/code\u003e option and button  -  by \u003ca href=\"https://github.com/shairez\"\u003e\u003ccode\u003e@​shairez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9525\"\u003evitest-dev/vitest#9525\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c8a31147c\"\u003e\u003c!-- raw HTML omitted --\u003e(c8a31)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse BlazeDiff instead of pixelmatch  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9514\"\u003evitest-dev/vitest#9514\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/309362089\"\u003e\u003c!-- raw HTML omitted --\u003e(30936)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003efindElement\u003c/code\u003e and enable strict mode in webdriverio and preview  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9677\"\u003evitest-dev/vitest#9677\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3f37721c\"\u003e\u003c!-- raw HTML omitted --\u003e(c3f37)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/bomb\"\u003e\u003ccode\u003e@​bomb\u003c/code\u003e\u003c/a\u003e.sh/tab completions  -  by \u003ca href=\"https://github.com/AmirSa12\"\u003e\u003ccode\u003e@​AmirSa12\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8639\"\u003evitest-dev/vitest#8639\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/200f31704\"\u003e\u003c!-- raw HTML omitted --\u003e(200f3)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003eignore start/stop\u003c/code\u003e ignore hints  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9204\"\u003evitest-dev/vitest#9204\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e59c94ba6\"\u003e\u003c!-- raw HTML omitted --\u003e(e59c9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecoverage.changed\u003c/code\u003e option to report only changed files  -  by \u003ca href=\"https://github.com/kykim00\"\u003e\u003ccode\u003e@​kykim00\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9521\"\u003evitest-dev/vitest#9521\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d9392c67\"\u003e\u003c!-- raw HTML omitted --\u003e(1d939)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonModuleRunner\u003c/code\u003e hook to \u003ccode\u003eworker.init\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9286\"\u003evitest-dev/vitest#9286\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e977f3deb\"\u003e\u003c!-- raw HTML omitted --\u003e(e977f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOption to disable the module runner  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9210\"\u003evitest-dev/vitest#9210\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9be6121ee\"\u003e\u003c!-- raw HTML omitted --\u003e(9be61)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45\"\u003e\u003ccode\u003e4150b91\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/1de0aa22dd6311a93546a75a3c58a6be519c1baf\"\u003e\u003ccode\u003e1de0aa2\u003c/code\u003e\u003c/a\u003e fix: correctly identify concurrent test during static analysis (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9846\"\u003e#9846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c3cac1c1b5a91d921942e9391fbd94841717363f\"\u003e\u003ccode\u003ec3cac1c\u003c/code\u003e\u003c/a\u003e fix: use isAgent check, not just TTY, for watch mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9841\"\u003e#9841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/eab68ba2b8ea6f89717c0b885c573579659d7c3b\"\u003e\u003ccode\u003eeab68ba\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9824\"\u003e#9824\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/031f02a89be34491c441b4da9c4e2bacb7db71df\"\u003e\u003ccode\u003e031f02a\u003c/code\u003e\u003c/a\u003e fix: allow catch/finally for async assertion (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9827\"\u003e#9827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/3e9e096a231fa0ec6475da82e36cbd6fcc9bc8f9\"\u003e\u003ccode\u003e3e9e096\u003c/code\u003e\u003c/a\u003e feat(reporters): add \u003ccode\u003eagent\u003c/code\u003e reporter to reduce ai agent token usage (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9779\"\u003e#9779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2\"\u003e\u003ccode\u003e0c2c013\u003c/code\u003e\u003c/a\u003e chore: release v4.1.0-beta.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8181e06e765f4d043818b244c76795022fa78ff6\"\u003e\u003ccode\u003e8181e06\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003ehideSkippedTests\u003c/code\u003e should not hide \u003ccode\u003etest.todo\u003c/code\u003e (fix \u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9562\"\u003e#9562\u003c/a\u003e) (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9781\"\u003e#9781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8216b0014b83612e40ef49f919d5293b68717b3\"\u003e\u003ccode\u003ea8216b0\u003c/code\u003e\u003c/a\u003e fix: manual and redirect mock shouldn't \u003ccode\u003eload\u003c/code\u003e or \u003ccode\u003etransform\u003c/code\u003e original module...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50\"\u003e\u003ccode\u003e689a22a\u003c/code\u003e\u003c/a\u003e fix(browser): types of \u003ccode\u003egetCDPSession\u003c/code\u003e and \u003ccode\u003ecdp()\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-d...\n\n_Description has been truncated_","html_url":"https://github.com/WIFER10/openclaw/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/WIFER10%2Fopenclaw/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.4.8","new_version":"3.4.9","update_type":"patch","path":"/web","pr_created_at":"2026-06-15T23:42:08.000Z","version_change":"3.4.8 → 3.4.9","issue":{"uuid":"4669757509","node_id":"PR_kwDOJb7SK87mxx7J","number":12089,"state":"open","title":"chore(deps): bump dompurify from 3.4.8 to 3.4.9 in /web","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:42:08.000Z","updated_at":"2026-06-15T23:42:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/web","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/onyx-dot-app/onyx/network/alerts).\n\n\u003c/details\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate `dompurify` to 3.4.9 in `web` for improved Trusted Types handling and more reliable in-place sanitization. No app changes required.\n\n\u003csup\u003eWritten for commit d8099aa5b48258d19b197d50743989b74a233dd3. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/onyx-dot-app/onyx/pull/12089?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/onyx-dot-app/onyx/pull/12089","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/onyx-dot-app%2Fonyx/issues/12089","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12089/packages"}},{"old_version":"3.4.8","new_version":"3.4.9","update_type":"patch","path":"/superset-frontend","pr_created_at":"2026-06-15T23:39:39.000Z","version_change":"3.4.8 → 3.4.9","issue":{"uuid":"4669743609","node_id":"PR_kwDOAlosUs7mxvBq","number":41089,"state":"open","title":"chore(deps): bump dompurify from 3.4.8 to 3.4.9 in /superset-frontend","user":"dependabot[bot]","labels":["size/XS","dependabot","npm","javascript","plugins","dependencies:npm","packages"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T23:39:39.000Z","updated_at":"2026-06-15T23:49:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/superset/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/apache/superset/pull/41089","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fsuperset/issues/41089","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41089/packages"}},{"old_version":"3.4.0","new_version":"3.4.9","update_type":"patch","path":null,"pr_created_at":"2026-06-15T22:54:01.000Z","version_change":"3.4.0 → 3.4.9","issue":{"uuid":"4669519980","node_id":"PR_kwDOFoczYs7mxAMQ","number":4062,"state":"open","title":"chore(deps): bump dompurify from 3.4.0 to 3.4.9","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T22:54:01.000Z","updated_at":"2026-06-15T22:57:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":null,"ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.0 to 3.4.9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🚨 \u003cstrong\u003eThis release had been flagged as deprecated, please use DOMPurify 3.4.5 instead\u003c/strong\u003e 🚨\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue with handling of nested Shadow DOM trees, thanks \u003ca href=\"https://github.com/fishjojo1\"\u003e\u003ccode\u003e@​fishjojo1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the template regexes to be more robust against ReDoS attacks, thanks \u003ca href=\"https://github.com/aleung27\"\u003e\u003ccode\u003e@​aleung27\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the node iteration code to catch more Shadow DOM related issues\u003c/li\u003e\n\u003cli\u003eUpdated Playwright and added Node 26 to test matrix\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, release signing, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/09f59115a311469de5b625225760593e551f080a\"\u003e\u003ccode\u003e09f5911\u003c/code\u003e\u003c/a\u003e test: added three more browsers to test setup (OSX, mobile)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.0\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/GovAlta/ui-components/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/GovAlta/ui-components/pull/4062","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GovAlta%2Fui-components/issues/4062","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4062/packages"}},{"old_version":"3.4.8","new_version":"3.4.9","update_type":"patch","path":"/docs/operational/reports in the npm_and_yarn group across 1 directory","pr_created_at":"2026-06-15T21:35:38.000Z","version_change":"3.4.8 → 3.4.9","issue":{"uuid":"4669087460","node_id":"PR_kwDOOWxMbM7mvkS2","number":1059,"state":"open","title":"build(deps): bump dompurify from 3.4.8 to 3.4.9 in /docs/operational/reports in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript","ci: passed"],"assignees":["AUo959"],"locked":false,"comments_count":26,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T21:35:38.000Z","updated_at":"2026-06-15T21:50:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.9","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/docs/operational/reports in the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /docs/operational/reports directory: [dompurify](https://github.com/cure53/DOMPurify).\n\nUpdates `dompurify` from 3.4.8 to 3.4.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.8\u0026new-version=3.4.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AUo959/aurora-cloudbank-symbolic/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AUo959/aurora-cloudbank-symbolic/pull/1059","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AUo959%2Faurora-cloudbank-symbolic/issues/1059","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1059/packages"}},{"old_version":"3.4.1","new_version":"3.4.10","update_type":"patch","path":"/momentum/website","pr_created_at":"2026-06-15T20:44:38.000Z","version_change":"3.4.1 → 3.4.10","issue":{"uuid":"4668765467","node_id":"PR_kwDOMJdHfs7mufEF","number":1509,"state":"closed","title":"Bump dompurify from 3.4.1 to 3.4.10 in /momentum/website","user":"dependabot[bot]","labels":["CLA Signed","dependencies","Merged","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-15T23:19:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-15T20:44:38.000Z","updated_at":"2026-06-15T23:19:42.000Z","time_to_close":9282,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"dompurify","old_version":"3.4.1","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/momentum/website","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.1 to 3.4.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.1...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.1\u0026new-version=3.4.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebookresearch/momentum/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/facebookresearch/momentum/pull/1509","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/facebookresearch%2Fmomentum/issues/1509","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1509/packages"}},{"old_version":"^3.3.3","new_version":"^3.4.10","update_type":"minor","path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","pr_created_at":"2026-06-15T10:26:24.000Z","version_change":"^3.3.3 → ^3.4.10","issue":{"uuid":"4664212914","node_id":"PR_kwDOSV0BMc7mfWS6","number":103,"state":"open","title":"chore(deps): update dompurify requirement from ^3.3.3 to ^3.4.10 in /superset-frontend/plugins/legacy-preset-chart-nvd3","user":"dependabot[bot]","labels":["dependencies:npm","plugins"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T10:26:24.000Z","updated_at":"2026-06-15T10:26:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): update","packages":[{"name":"dompurify","old_version":"^3.3.3","new_version":"^3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","ecosystem":"npm"},"body":"Updates the requirements on [dompurify](https://github.com/cure53/DOMPurify) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/meh-02/superset/pull/103","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/meh-02%2Fsuperset/issues/103","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/103/packages"}},{"old_version":"3.4.8","new_version":"3.4.10","update_type":"patch","path":"/pages","pr_created_at":"2026-06-15T09:26:16.000Z","version_change":"3.4.8 → 3.4.10","issue":{"uuid":"4663752902","node_id":"PR_kwDOQteRjc7mdz8B","number":323,"state":"closed","title":"chore(deps)(deps): bump the all-minor-patch group in /pages with 5 updates","user":"dependabot[bot]","labels":["dependencies","frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-16T02:24:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-15T09:26:16.000Z","updated_at":"2026-06-16T02:24:57.000Z","time_to_close":61120,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"all-minor-patch","update_count":5,"packages":[{"name":"axios","old_version":"1.17.0","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"@types/node","old_version":"25.9.2","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-plugin-react-refresh","old_version":"0.4.26","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"}],"path":"/pages","ecosystem":"npm"},"body":"Bumps the all-minor-patch group in /pages with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.17.0` | `1.18.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.2` | `25.9.3` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.4.26` | `0.5.3` |\n\nUpdates `axios` from 1.17.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.8 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.2 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-hooks` from 7.0.1 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003eeslint-plugin-react-hooks's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eeslint-plugin-react-hooks@7.1.1 (April 17, 2026)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e 7.1.0 accidentally removed the \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule, causing errors for users who referenced it in their ESLint config. This is now fixed.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecated no-op \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule for backwards compatibility. (\u003ca href=\"https://github.com/mofeiZ\"\u003e\u003ccode\u003e@​mofeiZ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36307\"\u003e#36307\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eeslint-plugin-react-hooks@7.1.0 (April 16, 2026)\u003c/h2\u003e\n\u003cp\u003eThis release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better \u003ccode\u003eset-state-in-effect\u003c/code\u003e detection, improved ref validation, and more helpful error reporting.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ESLint v10 support. (\u003ca href=\"https://github.com/azat-io\"\u003e\u003ccode\u003e@​azat-io\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35720\"\u003e#35720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip compilation for non-React files to improve performance. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35589\"\u003e#35589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix exhaustive deps bug with Flow type casting. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35691\"\u003e#35691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseEffectEvent\u003c/code\u003e checks in component syntax. (\u003ca href=\"https://github.com/jbrown215\"\u003e\u003ccode\u003e@​jbrown215\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved \u003ccode\u003eset-state-in-effect\u003c/code\u003e validation with fewer false negatives. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35134\"\u003e#35134\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35147\"\u003e#35147\u003c/a\u003e, \u003ca href=\"https://github.com/jackpope\"\u003e\u003ccode\u003e@​jackpope\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35214\"\u003e#35214\u003c/a\u003e, \u003ca href=\"https://github.com/chesnokov-tony\"\u003e\u003ccode\u003e@​chesnokov-tony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35419\"\u003e#35419\u003c/a\u003e, \u003ca href=\"https://github.com/jsleitor\"\u003e\u003ccode\u003e@​jsleitor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36107\"\u003e#36107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved ref validation for non-mutating functions and event handler props. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35893\"\u003e#35893\u003c/a\u003e, \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler now reports all errors instead of stopping at the first. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35873\"\u003e#35873\u003c/a\u003e–\u003ca href=\"https://redirect.github.com/facebook/react/pull/35884\"\u003e#35884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved source locations and error display in compiler diagnostics. (\u003ca href=\"https://github.com/nathanmarks\"\u003e\u003ccode\u003e@​nathanmarks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35348\"\u003e#35348\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/34963\"\u003e#34963\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md\"\u003eeslint-plugin-react-hooks's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e 7.1.0 accidentally removed the \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule, causing errors for users who referenced it in their ESLint config. This is now fixed.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecated no-op \u003ccode\u003ecomponent-hook-factories\u003c/code\u003e rule for backwards compatibility. (\u003ca href=\"https://github.com/mofeiZ\"\u003e\u003ccode\u003e@​mofeiZ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36307\"\u003e#36307\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1.0\u003c/h2\u003e\n\u003cp\u003eThis release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better \u003ccode\u003eset-state-in-effect\u003c/code\u003e detection, improved ref validation, and more helpful error reporting.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ESLint v10 support. (\u003ca href=\"https://github.com/azat-io\"\u003e\u003ccode\u003e@​azat-io\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35720\"\u003e#35720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip compilation for non-React files to improve performance. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35589\"\u003e#35589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix exhaustive deps bug with Flow type casting. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35691\"\u003e#35691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euseEffectEvent\u003c/code\u003e checks in component syntax. (\u003ca href=\"https://github.com/jbrown215\"\u003e\u003ccode\u003e@​jbrown215\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35041\"\u003e#35041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved \u003ccode\u003eset-state-in-effect\u003c/code\u003e validation with fewer false negatives. (\u003ca href=\"https://github.com/jorge-cab\"\u003e\u003ccode\u003e@​jorge-cab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35134\"\u003e#35134\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35147\"\u003e#35147\u003c/a\u003e, \u003ca href=\"https://github.com/jackpope\"\u003e\u003ccode\u003e@​jackpope\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35214\"\u003e#35214\u003c/a\u003e, \u003ca href=\"https://github.com/chesnokov-tony\"\u003e\u003ccode\u003e@​chesnokov-tony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35419\"\u003e#35419\u003c/a\u003e, \u003ca href=\"https://github.com/jsleitor\"\u003e\u003ccode\u003e@​jsleitor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/36107\"\u003e#36107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved ref validation for non-mutating functions and event handler props. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35893\"\u003e#35893\u003c/a\u003e, \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35062\"\u003e#35062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCompiler now reports all errors instead of stopping at the first. (\u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35873\"\u003e#35873\u003c/a\u003e–\u003ca href=\"https://redirect.github.com/facebook/react/pull/35884\"\u003e#35884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved source locations and error display in compiler diagnostics. (\u003ca href=\"https://github.com/nathanmarks\"\u003e\u003ccode\u003e@​nathanmarks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/35348\"\u003e#35348\u003c/a\u003e, \u003ca href=\"https://github.com/josephsavona\"\u003e\u003ccode\u003e@​josephsavona\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/facebook/react/pull/34963\"\u003e#34963\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.1/packages/eslint-plugin-react-hooks\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-refresh` from 0.4.26 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases\"\u003eeslint-plugin-react-refresh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (actually fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark ESLint v10 as supported\u003c/li\u003e\n\u003cli\u003eSupport false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.5.0\u003c/h2\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use \u003ca href=\"https://eslint.org/docs/latest/use/configure/migration-guide\"\u003eflat config\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA new \u003ccode\u003ereactRefresh\u003c/code\u003e export is available and prefered over the default export. It's an object with two properties:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplugin\u003c/code\u003e: The plugin object with the rules\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003econfigs\u003c/code\u003e: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecustomHOCs\u003c/code\u003e option was renamed to \u003ccode\u003eextraHOCs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eValidation of HOCs calls is now more strict, you may need to add some HOCs to the \u003ccode\u003eextraHOCs\u003c/code\u003e option (like \u003ccode\u003econnect\u003c/code\u003e or \u003ccode\u003estyled\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConfig example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\r\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\r\n\u003cp\u003eexport default defineConfig(\n/* Main config */\nreactRefresh.configs.vite({ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] }),\n);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eConfig example without config:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\r\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\r\n\u003cp\u003eexport default defineConfig({\nfiles: [\u0026quot;\u003cstrong\u003e/*.ts\u0026quot;, \u0026quot;\u003c/strong\u003e/*.tsx\u0026quot;],\nplugins: {\n// other plugins\n\u0026quot;react-refresh\u0026quot;: reactRefresh.plugin,\n},\nrules: {\n// other rules\n\u0026quot;react-refresh/only-export-components\u0026quot;: [\n\u0026quot;warn\u0026quot;,\n{ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] },\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md\"\u003eeslint-plugin-react-refresh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (actually fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark ESLint v10 as supported\u003c/li\u003e\n\u003cli\u003eSupport false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use \u003ca href=\"https://eslint.org/docs/latest/use/configure/migration-guide\"\u003eflat config\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA new \u003ccode\u003ereactRefresh\u003c/code\u003e export is available and prefered over the default export. It's an object with two properties:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplugin\u003c/code\u003e: The plugin object with the rules\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003econfigs\u003c/code\u003e: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecustomHOCs\u003c/code\u003e option was renamed to \u003ccode\u003eextraHOCs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eValidation of HOCs calls is now more strict, you may need to add some HOCs to the \u003ccode\u003eextraHOCs\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eConfig example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\n\u003cp\u003eexport default defineConfig(\n/* Main config */\nreactRefresh.configs.vite({ extraHOCs: [\u0026quot;someLibHOC\u0026quot;] }),\n);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eConfig example without config:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { defineConfig } from \u0026quot;eslint/config\u0026quot;;\nimport { reactRefresh } from \u0026quot;eslint-plugin-react-refresh\u0026quot;;\n\u003cp\u003eexport default defineConfig({\nfiles: [\u0026quot;\u003cstrong\u003e/*.ts\u0026quot;, \u0026quot;\u003c/strong\u003e/*.tsx\u0026quot;],\nplugins: {\n// other plugins\n\u0026quot;react-refresh\u0026quot;: reactRefresh.plugin,\n},\nrules: {\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944\"\u003e\u003ccode\u003e00818e9\u003c/code\u003e\u003c/a\u003e v0.5.3 [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea\"\u003e\u003ccode\u003e202fc4a\u003c/code\u003e\u003c/a\u003e Fix PascalCase class exported via \u003ccode\u003eexport { Name }\u003c/code\u003e incorrectly treated as Re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/c0317bfe447d1f014e5e0bedcdfe77e50343c871\"\u003e\u003ccode\u003ec0317bf\u003c/code\u003e\u003c/a\u003e Fix support for nested function calls for extraHOCs [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/42a1805ef5c18354e7b4cfe9db48891f6e2a00f2\"\u003e\u003ccode\u003e42a1805\u003c/code\u003e\u003c/a\u003e Explicit v10 support (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/106\"\u003e#106\u003c/a\u003e) [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/199793e0d65ef30d24aadf077ed994f582264724\"\u003e\u003ccode\u003e199793e\u003c/code\u003e\u003c/a\u003e Support nested function calls for extraHOCs (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/104\"\u003e#104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/26b3c1525e7008545dee68b2deb4601802b88ade\"\u003e\u003ccode\u003e26b3c15\u003c/code\u003e\u003c/a\u003e Support false positives with TypeScript function overloading (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/105\"\u003e#105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/daa2efb2a2899ad7e793fc42e01bddbbc132074f\"\u003e\u003ccode\u003edaa2efb\u003c/code\u003e\u003c/a\u003e Revamp logic to catch more cases [publish] (\u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.4.26...v0.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Innovate-To-Grow/Innovate-To-Grow-Website/pull/323","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Innovate-To-Grow%2FInnovate-To-Grow-Website/issues/323","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/323/packages"}},{"old_version":"3.4.8","new_version":"3.4.10","update_type":"patch","path":null,"pr_created_at":"2026-06-15T04:07:46.000Z","version_change":"3.4.8 → 3.4.10","issue":{"uuid":"4661955433","node_id":"PR_kwDODK_9xc7mX7Dl","number":1973,"state":"open","title":"chore(deps): bump the minor-and-patch group with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T04:07:46.000Z","updated_at":"2026-06-15T04:08:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":19,"packages":[{"name":"@storybook/addon-docs","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@storybook/addon-links","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@storybook/html-vite","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"@types/node","old_version":"24.13.1","new_version":"24.13.2","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/utils","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"eslint","old_version":"10.4.1","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"sass","old_version":"1.100.0","new_version":"1.101.0","repository_url":"https://github.com/sass/dart-sass"},{"name":"storybook","old_version":"10.4.2","new_version":"10.4.4","repository_url":"https://github.com/storybookjs/storybook"},{"name":"style-dictionary","old_version":"5.4.3","new_version":"5.4.4","repository_url":"https://github.com/style-dictionary/style-dictionary"},{"name":"turbo","old_version":"2.9.16","new_version":"2.9.18","repository_url":"https://github.com/vercel/turborepo"},{"name":"typescript-eslint","old_version":"8.60.1","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@oxc-parser/binding-linux-arm64-gnu","old_version":"0.134.0","new_version":"0.135.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"@oxc-parser/binding-linux-x64-gnu","old_version":"0.134.0","new_version":"0.135.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"postcss","old_version":"8.5.14","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"unocss","old_version":"66.7.0","new_version":"66.7.2","repository_url":"https://github.com/unocss/unocss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 19 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs) | `10.4.2` | `10.4.4` |\n| [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links) | `10.4.2` | `10.4.4` |\n| [@storybook/html-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/html-vite) | `10.4.2` | `10.4.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.13.1` | `24.13.2` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.60.1` | `8.61.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.60.1` | `8.61.0` |\n| [@typescript-eslint/utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/utils) | `8.60.1` | `8.61.0` |\n| [eslint](https://github.com/eslint/eslint) | `10.4.1` | `10.5.0` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [sass](https://github.com/sass/dart-sass) | `1.100.0` | `1.101.0` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `10.4.2` | `10.4.4` |\n| [style-dictionary](https://github.com/style-dictionary/style-dictionary) | `5.4.3` | `5.4.4` |\n| [turbo](https://github.com/vercel/turborepo) | `2.9.16` | `2.9.18` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.60.1` | `8.61.0` |\n| [@oxc-parser/binding-linux-arm64-gnu](https://github.com/oxc-project/oxc/tree/HEAD/napi/parser) | `0.134.0` | `0.135.0` |\n| [@oxc-parser/binding-linux-x64-gnu](https://github.com/oxc-project/oxc/tree/HEAD/napi/parser) | `0.134.0` | `0.135.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` |\n| [unocss](https://github.com/unocss/unocss/tree/HEAD/packages-presets/unocss) | `66.7.0` | `66.7.2` |\n\nUpdates `@storybook/addon-docs` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/addon-docs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/addon-docs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c89882282295be3bc05b3a366916c53d7a499841\"\u003e\u003ccode\u003ec898822\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/34496\"\u003e#34496\u003c/a\u003e from NYCU-Chung/fix/docs-blocks-custom-mdx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c920fd08c79c57879fa2ddb4e8538e1684c71ec2\"\u003e\u003ccode\u003ec920fd0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/35021\"\u003e#35021\u003c/a\u003e from LongTangGithub/fix/docs-hmr-scroll-to-top\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/1750494e9f36748b2d89335e77f23f125fc5ec78\"\u003e\u003ccode\u003e1750494\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs/issues/35031\"\u003e#35031\u003c/a\u003e from storybookjs/jeppe/fix-mdx-no-dev-tag\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/addons/docs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@storybook/addon-links` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/addon-links's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/addon-links's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/addons/links\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@storybook/html-vite` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003e@​storybook/html-vite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003e@​storybook/html-vite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/frameworks/html-vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 24.13.1 to 24.13.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/eslint-plugin` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/eslint-plugin's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md\"\u003e@​typescript-eslint/eslint-plugin's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ef1fd28c68b10da2e5b56823da8491f10f2c2b97\"\u003e\u003ccode\u003eef1fd28\u003c/code\u003e\u003c/a\u003e feat(ast-spec): change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12\"\u003e#12\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/eslint-plugin\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/parser` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md\"\u003e@​typescript-eslint/parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for parser to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/parser\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@typescript-eslint/utils` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003e@​typescript-eslint/utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/utils/CHANGELOG.md\"\u003e@​typescript-eslint/utils's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for utils to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/utils\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.4.1 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.4.1...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sass` from 1.100.0 to 1.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sass/dart-sass/releases\"\u003esass's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDart Sass 1.101.0\u003c/h2\u003e\n\u003cp\u003eTo install Sass 1.101.0, download one of the packages below and \u003ca href=\"https://katiek2.github.io/path-doc/\"\u003eadd it to your PATH\u003c/a\u003e, or see \u003ca href=\"https://sass-lang.com/install\"\u003ethe Sass website\u003c/a\u003e for full installation instructions.\u003c/p\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePotentially breaking bug fix:\u003c/strong\u003e The Node package importer now properly supports resolving import-only variants of Sass files declared in the \u003ccode\u003eexports\u003c/code\u003e, \u003ccode\u003esass\u003c/code\u003e, and \u003ccode\u003estyle\u003c/code\u003e fields of \u003ccode\u003epackage.json\u003c/code\u003e. Previously, these files were ignored even when loaded via \u003ccode\u003e@import\u003c/code\u003e, so any code relying on loading module-system-only files this way may break.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#11010\"\u003efull changelog\u003c/a\u003e for changes in earlier releases.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sass/dart-sass/blob/main/CHANGELOG.md\"\u003esass's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.101.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePotentially breaking bug fix:\u003c/strong\u003e The Node package importer now properly\nsupports resolving import-only variants of Sass files declared in the\n\u003ccode\u003eexports\u003c/code\u003e, \u003ccode\u003esass\u003c/code\u003e, and \u003ccode\u003estyle\u003c/code\u003e fields of \u003ccode\u003epackage.json\u003c/code\u003e. Previously, these\nfiles were ignored even when loaded via \u003ccode\u003e@import\u003c/code\u003e, so any code relying on\nloading module-system-only files this way may break.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/63b9922f5ddbf34bc742b50949e0ee5c47f4686d\"\u003e\u003ccode\u003e63b9922\u003c/code\u003e\u003c/a\u003e Load import-only files through package.json \u003ccode\u003eexports\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2772\"\u003e#2772\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/c7e9947100e8ffdabfe314a4e342595f2bccff35\"\u003e\u003ccode\u003ec7e9947\u003c/code\u003e\u003c/a\u003e Migrate from bufbuild/buf-setup-action to bufbuild/buf-action (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2773\"\u003e#2773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sass/dart-sass/commit/7674a4c29d05c844dcffd40a91e7cf2ac216d524\"\u003e\u003ccode\u003e7674a4c\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.13 to 8.5.15 in /pkg/sass-parser (\u003ca href=\"https://redirect.github.com/sass/dart-sass/issues/2774\"\u003e#2774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sass/dart-sass/compare/1.100.0...1.101.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 10.4.2 to 10.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.4\u003c/h2\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.3\u003c/h2\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePreview: Stop mixed CSF3+4 stories getting core annotations injected twice - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35094\"\u003e#35094\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add timeout to event-log POST to prevent build hang - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35085\"\u003e#35085\u003c/a\u003e, thanks \u003ca href=\"https://github.com/badams\"\u003e\u003ccode\u003e@​badams\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Docs: Fix Primary and Controls blocks not rendering in custom MDX pages - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34496\"\u003e#34496\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NYCU-Chung\"\u003e\u003ccode\u003e@​NYCU-Chung\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Respect !dev tag on MDX docs in sidebar - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35031\"\u003e#35031\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Add support for resolving subcomponents attached as properties of a parent component - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34967\"\u003e#34967\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent docs page scroll reset on HMR re-render - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/35021\"\u003e#35021\u003c/a\u003e, thanks \u003ca href=\"https://github.com/LongTangGithub\"\u003e\u003ccode\u003e@​LongTangGithub\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/5adebe753f29d414d1e214e935c94d6e5451861f\"\u003e\u003ccode\u003e5adebe7\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.3\u0026quot; to \u0026quot;10.4.4\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/ce1491d9e4c6d2b42864028fdf57801b855fc573\"\u003e\u003ccode\u003ece1491d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35085\"\u003e#35085\u003c/a\u003e from badams/fix/telemetry-fetch-timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/624e6187fd462e56719cbd80c1b4bfb67b68fc89\"\u003e\u003ccode\u003e624e618\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;10.4.2\u0026quot; to \u0026quot;10.4.3\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c89882282295be3bc05b3a366916c53d7a499841\"\u003e\u003ccode\u003ec898822\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/34496\"\u003e#34496\u003c/a\u003e from NYCU-Chung/fix/docs-blocks-custom-mdx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/c920fd08c79c57879fa2ddb4e8538e1684c71ec2\"\u003e\u003ccode\u003ec920fd0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35021\"\u003e#35021\u003c/a\u003e from LongTangGithub/fix/docs-hmr-scroll-to-top\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/1750494e9f36748b2d89335e77f23f125fc5ec78\"\u003e\u003ccode\u003e1750494\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/35031\"\u003e#35031\u003c/a\u003e from storybookjs/jeppe/fix-mdx-no-dev-tag\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v10.4.4/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `style-dictionary` from 5.4.3 to 5.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/style-dictionary/style-dictionary/releases\"\u003estyle-dictionary's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e23b5e8d: Fix prototype pollution vulnerability in the \u003ccode\u003econvertTokenData\u003c/code\u003e utility function, this was introduced in version \u003ccode\u003e4.3.0\u003c/code\u003e.\nAny token key that includes \u003ccode\u003e__proto__\u003c/code\u003e will be ignored.\nSee \u003ca href=\"https://github.com/style-dictionary/style-dictionary/security/advisories/GHSA-vj5c-m527-mpff\"\u003eSecurity Advisory GHSA-vj5c-m527-mpff\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/style-dictionary/style-dictionary/blob/main/CHANGELOG.md\"\u003estyle-dictionary's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.4.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e23b5e8d: Fix prototype pollution vulnerability in the \u003ccode\u003econvertTokenData\u003c/code\u003e utility function, this was introduced in version \u003ccode\u003e4.3.0\u003c/code\u003e.\nAny token key that includes \u003ccode\u003e__proto__\u003c/code\u003e will be ignored.\nSee \u003ca href=\"https://github.com/style-dictionary/style-dictionary/security/advisories/GHSA-vj5c-m527-mpff\"\u003eSecurity Advisory GHSA-vj5c-m527-mpff\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/style-dictionary/style-dictionary/commit/1c9008813e79f4614d51daefa6118a936d72c281\"\u003e\u003ccode\u003e1c90088\u003c/code\u003e\u003c/a\u003e chore: release (\u003ca href=\"https://redirect.github.com/style-dictionary/style-dictionary/issues/1703\"\u003e#1703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/style-dictionary/style-dictionary/commit/23b5e8dda143441f0d6b8e2b4222e2da98058bc5\"\u003e\u003ccode\u003e23b5e8d\u003c/code\u003e\u003c/a\u003e fix: prototype pollution in convertTokenData utility GHSA-vj5c-m527-mpff (\u003ca href=\"https://redirect.github.com/style-dictionary/style-dictionary/issues/1702\"\u003e#1702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/style-dictionary/style-dictionary/compare/v5.4.3...v5.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `turbo` from 2.9.16 to 2.9.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/turborepo/releases\"\u003eturbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTurborepo v2.9.18\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease(turborepo): 2.9.17 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13047\"\u003evercel/turborepo#13047\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Fetch version.txt via API in docs alias failure notification by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13050\"\u003evercel/turborepo#13050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden cache archive symlink restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13051\"\u003evercel/turborepo#13051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove web UI mode by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13052\"\u003evercel/turborepo#13052\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Harden query server file access by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13053\"\u003evercel/turborepo#13053\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Confine prune patch paths by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13054\"\u003evercel/turborepo#13054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Prevent git argument injection in SCM refs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13055\"\u003evercel/turborepo#13055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Strip special mode bits from cache restore by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13056\"\u003evercel/turborepo#13056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Contain incremental cache outputs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13057\"\u003evercel/turborepo#13057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(turborepo): Normalize Windows daemon path hash by \u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Preserve vt100 cell byte counts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13058\"\u003evercel/turborepo#13058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Separate artifact signature fields by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13059\"\u003evercel/turborepo#13059\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Validate OidHash hex buffers by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13060\"\u003evercel/turborepo#13060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Block self-hosted login URLs from attempting to use Vercel's SSO by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13061\"\u003evercel/turborepo#13061\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Balance8\"\u003e\u003ccode\u003e@​Balance8\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/13020\"\u003evercel/turborepo#13020\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\"\u003ehttps://github.com/vercel/turborepo/compare/v2.9.17...v2.9.18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eTurborepo v2.9.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: Keep non-PTY stdin alive for persistent tasks by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12972\"\u003evercel/turborepo#12972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.16 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12970\"\u003evercel/turborepo#12970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.17-canary.1 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12973\"\u003evercel/turborepo#12973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Add auth HTTP timeouts by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12976\"\u003evercel/turborepo#12976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Detect affected root tasks in query by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12977\"\u003evercel/turborepo#12977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Wait for Windows graceful shutdown by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12979\"\u003evercel/turborepo#12979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease(turborepo): 2.9.17-canary.2 by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12980\"\u003evercel/turborepo#12980\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for JSON output fixtures by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12981\"\u003evercel/turborepo#12981\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add Rsbuild examples by \u003ca href=\"https://github.com/Nsttt\"\u003e\u003ccode\u003e@​Nsttt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12942\"\u003evercel/turborepo#12942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for single package dry runs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12982\"\u003evercel/turborepo#12982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip Corepack setup without installs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12983\"\u003evercel/turborepo#12983\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip installs for metadata-only Rust tests by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12985\"\u003evercel/turborepo#12985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Skip remaining unnecessary fixture installs by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12986\"\u003evercel/turborepo#12986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add final hash contract snapshots by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12984\"\u003evercel/turborepo#12984\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim run logging integration matrix by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12987\"\u003evercel/turborepo#12987\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim affected query integration matrix by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12988\"\u003evercel/turborepo#12988\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Narrow Windows integration test group by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12989\"\u003evercel/turborepo#12989\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim task dependency integration coverage by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12990\"\u003evercel/turborepo#12990\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Trim affected integration coverage by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12991\"\u003evercel/turborepo#12991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Collapse integration test matrices by \u003ca href=\"https://github.com/anthonyshew\"\u003e\u003ccode\u003e@​anthonyshew\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vercel/turborepo/pull/12992\"\u003evercel/turborepo#12992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3bdce3277d2e61cdbf29f244a515dd4b896d2556\"\u003e\u003ccode\u003e3bdce32\u003c/code\u003e\u003c/a\u003e publish 2.9.18 to registry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/2a76556b9457c514fa597a09fef23da2e1250c8c\"\u003e\u003ccode\u003e2a76556\u003c/code\u003e\u003c/a\u003e fix: Block self-hosted login URLs from attempting to use Vercel's SSO (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13061\"\u003e#13061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/da8e3487acce10039425180c42875d7ccc484ed5\"\u003e\u003ccode\u003eda8e348\u003c/code\u003e\u003c/a\u003e fix: Validate OidHash hex buffers (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13060\"\u003e#13060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/3018717c28fc8f1ecffa2c92e3260be0dc0165aa\"\u003e\u003ccode\u003e3018717\u003c/code\u003e\u003c/a\u003e fix: Separate artifact signature fields (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13059\"\u003e#13059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/34514e278822ccbe3a083730b7032709ef16f85c\"\u003e\u003ccode\u003e34514e2\u003c/code\u003e\u003c/a\u003e fix: Preserve vt100 cell byte counts (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13058\"\u003e#13058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/24e2d3498f54fa1f8b729f18764f63cb05072bc6\"\u003e\u003ccode\u003e24e2d34\u003c/code\u003e\u003c/a\u003e fix(turborepo): Normalize Windows daemon path hash (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13020\"\u003e#13020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/16dc881cabf5c13d02c27a5d7cfdfeb60736206c\"\u003e\u003ccode\u003e16dc881\u003c/code\u003e\u003c/a\u003e fix: Contain incremental cache outputs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13057\"\u003e#13057\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/92e1f8e5365ea5a95e47c3698deb2f7adaa55eba\"\u003e\u003ccode\u003e92e1f8e\u003c/code\u003e\u003c/a\u003e fix: Strip special mode bits from cache restore (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13056\"\u003e#13056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/f46f896ef414823582131304c9749e9be011fe37\"\u003e\u003ccode\u003ef46f896\u003c/code\u003e\u003c/a\u003e fix: Prevent git argument injection in SCM refs (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13055\"\u003e#13055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/turborepo/commit/7f353ca3a6f28fbbcce931aeab7be0efe718c466\"\u003e\u003ccode\u003e7f353ca\u003c/code\u003e\u003c/a\u003e fix: Confine prune patch paths (\u003ca href=\"https://redirect.github.com/vercel/turborepo/issues/13054\"\u003e#13054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/turborepo/compare/v2.9.16...v2.9.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.60.1 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@oxc-parser/binding-linux-arm64-gnu` from 0.134.0 to 0.135.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/oxc-project/oxc/releases\"\u003e@​oxc-parser/binding-linux-arm64-gnu's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eoxc crates_v0.135.0\u003c/h2\u003e\n\u003ch3\u003e💥 BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eee4dc73 ast: [\u003cstrong\u003eBREAKING\u003c/strong\u003e] Add \u003ccode\u003e#[non_exhaustive]\u003c/code\u003e to AST nodes (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23046\"\u003e#23046\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003cli\u003e4c35362 ast: [\u003cstrong\u003eBREAKING\u003c/strong\u003e] Add \u003ccode\u003eAstBuilder::template_element_escape_raw\u003c/code\u003e and \u003ccode\u003etemplate_element_escape_raw_with_lone_surrogates\u003c/code\u003e methods (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23047\"\u003e#23047\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb846ab2 react_compiler: Integrate the Rust port of the React Compiler (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22942\"\u003e#22942\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e5b8dd68 parser: Report TS1255 for invalid class definite assertions (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22917\"\u003e#22917\u003c/a\u003e) (camc314)\u003c/li\u003e\n\u003cli\u003e85efabf semantic: Make building the class table optional, off by default (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/22862\"\u003e#22862\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e556acdc codegen: Parenthesize TS-cast assignment targets (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23112\"\u003e#23112\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e37169ff codegen: Don't emit space between postfix \u003ccode\u003e--\u003c/code\u003e and \u003ccode\u003e\u0026gt;\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23036\"\u003e#23036\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ea4b1bf7 codegen: Drop redundant whitespace in minified TypeScript output (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23038\"\u003e#23038\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ecf53285 parser: Report reserved type-declaration names in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23035\"\u003e#23035\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e4e44969 ast: Fix UB in \u003ccode\u003eescape_template_element_raw\u003c/code\u003e (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23052\"\u003e#23052\u003c/a\u003e) (overlookmotel)\u003c/li\u003e\n\u003cli\u003ec543154 parser: Report comma operator in JSX expression in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23030\"\u003e#23030\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e325c94f codegen: Tighten conditional-type and constructor-type whitespace when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23033\"\u003e#23033\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e95dd3a2 parser: Report \u003ccode\u003eimport type\u003c/code\u003e alias to a non-external reference in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23032\"\u003e#23032\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e90180b8 codegen: Drop space after \u003ccode\u003e:\u003c/code\u003e in function return type when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23028\"\u003e#23028\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e6da876e parser: Report \u003ccode\u003eabstract\u003c/code\u003e private class field in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23029\"\u003e#23029\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e28467ce codegen: Don't emit space before a postfix update operand when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23027\"\u003e#23027\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ecb29926 codegen: Drop redundant space after \u003ccode\u003eexport default\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23024\"\u003e#23024\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e62965ae codegen: Drop redundant space after \u003ccode\u003eelse\u003c/code\u003e when minifying (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23025\"\u003e#23025\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e989230a parser: Report compound assignment to non-simple target in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23022\"\u003e#23022\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e06f367c parser: Report \u003ccode\u003esuper.#field\u003c/code\u003e private access in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23014\"\u003e#23014\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e184edef codegen: Print space before \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003edeclare\u003c/code\u003e enum modifier (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23013\"\u003e#23013\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e4d722e0 parser: Report duplicate switch \u003ccode\u003edefault\u003c/code\u003e clause in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23012\"\u003e#23012\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e597ed85 codegen: Parenthesize \u003ccode\u003elet\u003c/code\u003e/\u003ccode\u003easync\u003c/code\u003e for-of head target (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23008\"\u003e#23008\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e8b631bf codegen: Remove stray space before mapped type value colon (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23010\"\u003e#23010\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ec08407e codegen: Don't over-parenthesize \u003ccode\u003ein\u003c/code\u003e inside an arrow in a for-init (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23009\"\u003e#23009\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e600cd6f codegen: Parenthesize lower-precedence \u003ccode\u003eTSInstantiationExpression\u003c/code\u003e operand (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23007\"\u003e#23007\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e187e1a5 codegen: Don't leak space after comment-only JSX expression container (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23006\"\u003e#23006\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e294c473 codegen: Don't over-parenthesize \u003ccode\u003eTSTypeAssertion\u003c/code\u003e operand (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23004\"\u003e#23004\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e786d96f codegen: Give \u003ccode\u003eTSTypeAssertion\u003c/code\u003e unary precedence (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23002\"\u003e#23002\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e1295882 parser: Report \u003ccode\u003enew.target\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e syntax errors in the parser (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23003\"\u003e#23003\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003ed727b6b codegen: Parenthesize \u003ccode\u003eawait\u003c/code\u003e expression as base of \u003ccode\u003e**\u003c/code\u003e (\u003ca href=\"https://github.com/oxc-project/oxc/tree/HEAD/napi/parser/issues/23001\"\u003e#23001\u003c/a\u003e) (Boshen)\u003c/li\u003e\n\u003cli\u003e67dfa08 codegen: Keep parentheses around \u003ccode\u003enew\u003c/code\u003e callees containing a call (\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/baloise/design-system/pull/1973","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/baloise%2Fdesign-system/issues/1973","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1973/packages"}},{"old_version":"3.4.7","new_version":"3.4.10","update_type":"patch","path":"/aragora/live","pr_created_at":"2026-06-15T03:35:58.000Z","version_change":"3.4.7 → 3.4.10","issue":{"uuid":"4661818257","node_id":"PR_kwDOQx7g0c7mXetm","number":8436,"state":"open","title":"chore(deps): Bump dompurify from 3.4.7 to 3.4.10 in /aragora/live","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T03:35:58.000Z","updated_at":"2026-06-15T13:51:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","packages":[{"name":"dompurify","old_version":"3.4.7","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/aragora/live","ecosystem":"npm"},"body":"Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.7 to 3.4.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.7...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dompurify\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.7\u0026new-version=3.4.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/synaptent/aragora/pull/8436","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/synaptent%2Faragora/issues/8436","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8436/packages"}},{"old_version":"3.4.3","new_version":"3.4.10","update_type":"patch","path":null,"pr_created_at":"2026-06-15T03:14:54.000Z","version_change":"3.4.3 → 3.4.10","issue":{"uuid":"4661746210","node_id":"PR_kwDOSzORUs7mXQL7","number":12,"state":"open","title":"deps(frontend): bump the patch-and-minor group across 1 directory with 17 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T03:14:54.000Z","updated_at":"2026-06-15T03:14:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(frontend): bump","group_name":"patch-and-minor","update_count":17,"packages":[{"name":"@sentry/react","old_version":"10.53.1","new_version":"10.57.0","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"axios","old_version":"1.16.1","new_version":"1.18.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"docx","old_version":"9.6.1","new_version":"9.7.1","repository_url":"https://github.com/dolanmiu/docx"},{"name":"dompurify","old_version":"3.4.3","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"lucide-react","old_version":"1.16.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-big-calendar","old_version":"1.19.4","new_version":"1.20.0","repository_url":"https://github.com/bigcalendar/react-big-calendar"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-router-dom","old_version":"7.15.1","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@tailwindcss/vite","old_version":"4.3.0","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@vitest/coverage-v8","old_version":"4.1.6","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"}],"path":null,"ecosystem":"npm"},"body":"Bumps the patch-and-minor group with 15 updates in the /frontend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@sentry/react](https://github.com/getsentry/sentry-javascript) | `10.53.1` | `10.57.0` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [docx](https://github.com/dolanmiu/docx) | `9.6.1` | `9.7.1` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.3` | `3.4.10` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.16.0` | `1.18.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-big-calendar](https://github.com/bigcalendar/react-big-calendar) | `1.19.4` | `1.20.0` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.15.1` | `7.17.0` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.0` | `4.3.1` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.6` | `4.1.8` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n\n\nUpdates `@sentry/react` from 10.53.1 to 10.57.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/releases\"\u003e@​sentry/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.57.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(angular): Add support for Angular 22 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21330\"\u003e#21330\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e@sentry/angular\u003c/code\u003e now officially supports Angular 22.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eref(core): Deprecate \u003ccode\u003esendDefaultPii\u003c/code\u003e in favor of \u003ccode\u003edataCollection\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21277\"\u003e#21277\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esendDefaultPii\u003c/code\u003e is deprecated and will be removed in v11. The new \u003ccode\u003edataCollection\u003c/code\u003e option lets you control each category of collected data.\n\u003ccode\u003esendDefaultPii: true\u003c/code\u003e still works and maps to enabling all \u003ccode\u003edataCollection\u003c/code\u003e categories.\n\u003ccode\u003edataCollection.userInfo\u003c/code\u003e defaults to \u003ccode\u003etrue\u003c/code\u003e when \u003ccode\u003edataCollection\u003c/code\u003e is provided, meaning auto-populated \u003ccode\u003euser.*\u003c/code\u003e fields (e.g. IP address from a request) are collected by default.\nData you set explicitly (like via \u003ccode\u003eSentry.setUser()\u003c/code\u003e) is always sent regardless.\nWhen \u003ccode\u003edataCollection\u003c/code\u003e is not set at all, the legacy \u003ccode\u003esendDefaultPii\u003c/code\u003e behavior applies (\u003ccode\u003euserInfo: false\u003c/code\u003e by default) to preserve backward compatibility.\u003c/p\u003e\n\u003cp\u003eNote that an empty \u003ccode\u003edataCollection: {}\u003c/code\u003e falls back to more permissive defaults than \u003ccode\u003esendDefaultPii: false\u003c/code\u003e, so replicate the old behavior by opting out explicitly:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eSentry.init({\n  dataCollection: {\n    userInfo: false,\n    genAI: { inputs: false, outputs: false },\n    httpBodies: [],\n    httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n  },\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Use \u003ccode\u003edataCollection.frameContextLines\u003c/code\u003e for ContextLines integration (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21323\"\u003e#21323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(cloudflare): Auto instrument D1 based on env (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21276\"\u003e#21276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Change default of \u003ccode\u003edataCollection.userInfo\u003c/code\u003e to \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21348\"\u003e#21348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Default \u003ccode\u003edataCollection.httpBodies\u003c/code\u003e to all valid body types (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21352\"\u003e#21352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Use \u003ccode\u003esafeDateNow\u003c/code\u003e calls for \u003ccode\u003enew Date()\u003c/code\u003e reads (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21351\"\u003e#21351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(nextjs): Shim \u003ccode\u003epinoIntegration\u003c/code\u003e on edge runtime (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21347\"\u003e#21347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node): Prevent PostgresJs integration from emitting duplicate spans per query (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Read \u003ccode\u003e__SENTRY_SERVER_MODULES__\u003c/code\u003e lazily so Turbopack injection is honored (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21339\"\u003e#21339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21326\"\u003e#21326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Remove unused \u003ccode\u003ereact.componentStack\u003c/code\u003e event context (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replays): Record \u003ccode\u003esentry._internal.replay_is_buffering\u003c/code\u003e for spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21297\"\u003e#21297\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore: Bump volta node version from 20.19.2 to 20.19.5 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21359\"\u003e#21359\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md\"\u003e@​sentry/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.57.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(angular): Add support for Angular 22 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21330\"\u003e#21330\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e@sentry/angular\u003c/code\u003e now officially supports Angular 22.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eref(core): Deprecate \u003ccode\u003esendDefaultPii\u003c/code\u003e in favor of \u003ccode\u003edataCollection\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21277\"\u003e#21277\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003esendDefaultPii\u003c/code\u003e is deprecated and will be removed in v11. The new \u003ccode\u003edataCollection\u003c/code\u003e option lets you control each category of collected data.\n\u003ccode\u003esendDefaultPii: true\u003c/code\u003e still works and maps to enabling all \u003ccode\u003edataCollection\u003c/code\u003e categories.\n\u003ccode\u003edataCollection.userInfo\u003c/code\u003e defaults to \u003ccode\u003etrue\u003c/code\u003e when \u003ccode\u003edataCollection\u003c/code\u003e is provided, meaning auto-populated \u003ccode\u003euser.*\u003c/code\u003e fields (e.g. IP address from a request) are collected by default.\nData you set explicitly (like via \u003ccode\u003eSentry.setUser()\u003c/code\u003e) is always sent regardless.\nWhen \u003ccode\u003edataCollection\u003c/code\u003e is not set at all, the legacy \u003ccode\u003esendDefaultPii\u003c/code\u003e behavior applies (\u003ccode\u003euserInfo: false\u003c/code\u003e by default) to preserve backward compatibility.\u003c/p\u003e\n\u003cp\u003eNote that an empty \u003ccode\u003edataCollection: {}\u003c/code\u003e falls back to more permissive defaults than \u003ccode\u003esendDefaultPii: false\u003c/code\u003e, so replicate the old behavior by opting out explicitly:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eSentry.init({\n  dataCollection: {\n    userInfo: false,\n    genAI: { inputs: false, outputs: false },\n    httpBodies: [],\n    httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n    queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },\n  },\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Use \u003ccode\u003edataCollection.frameContextLines\u003c/code\u003e for ContextLines integration (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21323\"\u003e#21323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(cloudflare): Auto instrument D1 based on env (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21276\"\u003e#21276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Change default of \u003ccode\u003edataCollection.userInfo\u003c/code\u003e to \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21348\"\u003e#21348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Default \u003ccode\u003edataCollection.httpBodies\u003c/code\u003e to all valid body types (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21352\"\u003e#21352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Use \u003ccode\u003esafeDateNow\u003c/code\u003e calls for \u003ccode\u003enew Date()\u003c/code\u003e reads (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21351\"\u003e#21351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(nextjs): Shim \u003ccode\u003epinoIntegration\u003c/code\u003e on edge runtime (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21347\"\u003e#21347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node): Prevent PostgresJs integration from emitting duplicate spans per query (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Read \u003ccode\u003e__SENTRY_SERVER_MODULES__\u003c/code\u003e lazily so Turbopack injection is honored (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21339\"\u003e#21339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21326\"\u003e#21326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(react): Remove unused \u003ccode\u003ereact.componentStack\u003c/code\u003e event context (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replays): Record \u003ccode\u003esentry._internal.replay_is_buffering\u003c/code\u003e for spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/21297\"\u003e#21297\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/950cf9756532c871a448710addba6fefb397828a\"\u003e\u003ccode\u003e950cf97\u003c/code\u003e\u003c/a\u003e release: 10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/55f9343e356723234304ffe012abc43b297cbb9f\"\u003e\u003ccode\u003e55f9343\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21369\"\u003e#21369\u003c/a\u003e from getsentry/prepare-release/10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/88d9d30362681c60f9a0f9a6f048e149cda32f29\"\u003e\u003ccode\u003e88d9d30\u003c/code\u003e\u003c/a\u003e meta(changelog): Update changelog for 10.57.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/03ffd2525c2c7763524c7620968a58528f1b4307\"\u003e\u003ccode\u003e03ffd25\u003c/code\u003e\u003c/a\u003e fix(cloudflare): Don't track negatively sampled spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21367\"\u003e#21367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/7c19ead1ddd35906500d43b8a43c9b22a0a3a890\"\u003e\u003ccode\u003e7c19ead\u003c/code\u003e\u003c/a\u003e ref(node): Streamline sql-common (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21360\"\u003e#21360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/95df562e1f36a5ffc35c17f2a5358325f385fb7b\"\u003e\u003ccode\u003e95df562\u003c/code\u003e\u003c/a\u003e feat(hono): Filter noisy transactions (\u003ccode\u003efavicon\u003c/code\u003e etc) (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21365\"\u003e#21365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/92eb5d209542fddd568965cc2fb35d55892200dc\"\u003e\u003ccode\u003e92eb5d2\u003c/code\u003e\u003c/a\u003e feat(deps): Bump hono from 4.12.18 to 4.12.21 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21341\"\u003e#21341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/c6f790bf8d46cd0529529a1788d2af863ec1df6b\"\u003e\u003ccode\u003ec6f790b\u003c/code\u003e\u003c/a\u003e fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/d64534903f34fe4f2c7a0876b3b8481aeff1f858\"\u003e\u003ccode\u003ed645349\u003c/code\u003e\u003c/a\u003e ref(node): Streamline lru-memoizer instrumentation (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21350\"\u003e#21350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/4293015f67d2042ce6bd92e7fede4edd1cb2869c\"\u003e\u003ccode\u003e4293015\u003c/code\u003e\u003c/a\u003e feat(deps): Bump \u003ccode\u003e@​types/aws-lambda\u003c/code\u003e from 8.10.150 to 8.10.161 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/21105\"\u003e#21105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/getsentry/sentry-javascript/compare/10.53.1...10.57.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.0 — June 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRedirect Header Safety:\u003c/strong\u003e Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eURL And Request Hardening:\u003c/strong\u003e Rejects malformed \u003ccode\u003ehttp:\u003c/code\u003e and \u003ccode\u003ehttps:\u003c/code\u003e URLs that omit \u003ccode\u003e//\u003c/code\u003e with \u003ccode\u003eERR_INVALID_URL\u003c/code\u003e, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local \u003ccode\u003eNO_PROXY\u003c/code\u003e matching. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStatus Validation:\u003c/strong\u003e Added \u003ccode\u003etransitional.validateStatusUndefinedResolves\u003c/code\u003e so applications can opt in to treating \u003ccode\u003evalidateStatus: undefined\u003c/code\u003e like the option was omitted, while \u003ccode\u003evalidateStatus: null\u003c/code\u003e remains the explicit way to accept every status. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the \u003ccode\u003eproxy\u003c/code\u003e request config as Node.js-only in the advanced docs. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@babel/core\u003c/code\u003e, \u003ccode\u003e@babel/preset-env\u003c/code\u003e, \u003ccode\u003e@commitlint/cli\u003c/code\u003e, \u003ccode\u003e@commitlint/config-conventional\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-babel\u003c/code\u003e, \u003ccode\u003e@rollup/plugin-commonjs\u003c/code\u003e, \u003ccode\u003e@vitest/browser\u003c/code\u003e, \u003ccode\u003e@vitest/browser-playwright\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003elint-staged\u003c/code\u003e, \u003ccode\u003erollup\u003c/code\u003e, \u003ccode\u003evitest\u003c/code\u003e, and \u003ccode\u003eactions/checkout\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10996\"\u003e#10996\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10997\"\u003e#10997\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRelease Metadata:\u003c/strong\u003e Prepared the 1.18.0 release by updating package metadata and the runtime \u003ccode\u003eVERSION\u003c/code\u003e value. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/drori12\"\u003e\u003ccode\u003e@​drori12\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10984\"\u003e#10984\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/eyupcanakman\"\u003e\u003ccode\u003e@​eyupcanakman\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Adi-Beker\"\u003e\u003ccode\u003e@​Adi-Beker\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.17.0...v1.18.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d06f96e8602c2db13b65a26340ee4a1bbc0b61f\"\u003e\u003ccode\u003e2d06f96\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.18.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11003\"\u003e#11003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32fc489632377d214db55bfa4e2c48486a7d7ce2\"\u003e\u003ccode\u003e32fc489\u003c/code\u003e\u003c/a\u003e fix: malformed http urls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/11000\"\u003e#11000\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b40ce498abfa10d90b873b4fd08f520afa5d2545\"\u003e\u003ccode\u003eb40ce49\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 10 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fe964f960ecb52c3e1155b0daf7be77541956b01\"\u003e\u003ccode\u003efe964f9\u003c/code\u003e\u003c/a\u003e docs: mark proxy config as Node.js only (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10995\"\u003e#10995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5f229d2d1f018d1db3dab6bbe034dbf3f9041b99\"\u003e\u003ccode\u003e5f229d2\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fae9d4e7db6a858c407c75e607a071c533c5c4f6\"\u003e\u003ccode\u003efae9d4e\u003c/code\u003e\u003c/a\u003e docs: clarify package update PR policy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10992\"\u003e#10992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28ab2ced820e55192806c53472ab3eb0cbb68dc2\"\u003e\u003ccode\u003e28ab2ce\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10989\"\u003e#10989\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a8e4f13aeecc45a3b8fab3ecfd9ddb5d70fb772b\"\u003e\u003ccode\u003ea8e4f13\u003c/code\u003e\u003c/a\u003e fix(core): keep default validateStatus when request passes undefined (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/614f4552a17de757d4171ad7c3bd38c9c1025fd8\"\u003e\u003ccode\u003e614f455\u003c/code\u003e\u003c/a\u003e docs: publish v1.17.0 release notes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10988\"\u003e#10988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6bb12c191f5380fad321322fb90216ae0dc36985\"\u003e\u003ccode\u003e6bb12c1\u003c/code\u003e\u003c/a\u003e fix: custom auth headers not stripped on cross-origin redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10892\"\u003e#10892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `date-fns` from 4.1.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/date-fns/date-fns/releases\"\u003edate-fns's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003cp\u003eThis release revisits the approach to CDN usage and introduces a new package, \u003ccode\u003e@date-fns/cdn\u003c/code\u003e and deprecates the \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts. It allowed reducing the zipped package size from \u003ccode\u003e5.83 MB\u003c/code\u003e down to \u003ccode\u003e3.96 MB\u003c/code\u003e without introducing any breaking changes.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003ev5.0.0-alpha.0\u003c/code\u003e where CDN scripts are completely removed from \u003ccode\u003edate-fns\u003c/code\u003e the change is more significant and brings the zipped package size down to \u003ccode\u003e2.89 MB\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIt is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDEPRECATED\u003c/strong\u003e: The \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package for CDN usage.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved CDN source maps to reduce the package size. If you rely on them, please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package that still includes them.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cp\u003eKudos to \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e for their contributions.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFixed missing modularized optimization fallback (\u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003efor Next.js and others\u003c/a\u003e). See \u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003e#4193\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ept\u003c/code\u003e locale first day of week to be Sunday. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4195\"\u003e#4195\u003c/a\u003e by \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ezh-CN\u003c/code\u003e, \u003ccode\u003ezh-HK\u003c/code\u003e, and \u003ccode\u003ezh-TW\u003c/code\u003e locale month parsing for October, November, and December. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4194\"\u003e#4194\u003c/a\u003e by \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release in all senses, it only includes documentation updates (first of many) that points to the new \u003ca href=\"https://date-fns.org/you-dont-need-date-fns\"\u003eYou Don't Need date-fns*\u003c/a\u003e page.\u003c/p\u003e\n\u003cp\u003e* Not really\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Temporal API references to the JSDoc annotations of \u003ccode\u003eadd\u003c/code\u003e, \u003ccode\u003eaddBusinessDays\u003c/code\u003e, and \u003ccode\u003eaddDays\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/cd53d2538cfa318404eff7ade6449b49bf34562e\"\u003e\u003ccode\u003ecd53d25\u003c/code\u003e\u003c/a\u003e Promote to v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/d948ec151d395096de8a45fbcd9b1e79c26fda25\"\u003e\u003ccode\u003ed948ec1\u003c/code\u003e\u003c/a\u003e Preserve but deprecate CDN versions for v4, set up v5 with polyfills\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/ee65753cfc5d73cc9acd43aaa8012b3b233ddf32\"\u003e\u003ccode\u003eee65753\u003c/code\u003e\u003c/a\u003e Add root \u003ccode\u003emise :format\u003c/code\u003e task\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/9f5bdf5d5a944772aa9668c4fa6567d89ca01fa9\"\u003e\u003ccode\u003e9f5bdf5\u003c/code\u003e\u003c/a\u003e Add positional argument to \u003ccode\u003etest/smoke.sh\u003c/code\u003e script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/651ead6faf331515814803faf457f5b9db7c9729\"\u003e\u003ccode\u003e651ead6\u003c/code\u003e\u003c/a\u003e Split CDN bundles into separate \u003ccode\u003e@​date-fns/cdn\u003c/code\u003e package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/224c1a209967dad359a2c2adc9a5b0ef72e4fe7b\"\u003e\u003ccode\u003e224c1a2\u003c/code\u003e\u003c/a\u003e Deprecate type tests as attw hangs on date-fns package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/7bb2842dac3d579f84b2de62f015335fb3ac734a\"\u003e\u003ccode\u003e7bb2842\u003c/code\u003e\u003c/a\u003e Switch \u003ccode\u003ePACKAGE_OUTPUT_PATH\u003c/code\u003e to \u003ccode\u003e--dist\u003c/code\u003e flag in the package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/b6ad5acc5ab0b40777a2695ec074c2ffcd982763\"\u003e\u003ccode\u003eb6ad5ac\u003c/code\u003e\u003c/a\u003e Add flags to control package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/424a783de1fd974bcdbe907c9c5eb5154e9db29f\"\u003e\u003ccode\u003e424a783\u003c/code\u003e\u003c/a\u003e Fix docs release after moving to monorepo setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/f95bcf18b53e6832b2c575c24c98654a24f52699\"\u003e\u003ccode\u003ef95bcf1\u003c/code\u003e\u003c/a\u003e (docs): Add missing \u003ccode\u003etsx\u003c/code\u003e dependency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/date-fns/date-fns/compare/v4.1.0...v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docx` from 9.6.1 to 9.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dolanmiu/docx/releases\"\u003edocx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.7.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump nanoid from 5.1.7 to 5.1.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3436\"\u003edolanmiu/docx#3436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.3.2 to 13.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3437\"\u003edolanmiu/docx#3437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump prettier from 3.8.1 to 3.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3438\"\u003edolanmiu/docx#3438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jiti from 2.6.1 to 2.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3439\"\u003edolanmiu/docx#3439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsx from 4.21.0 to 4.22.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3440\"\u003edolanmiu/docx#3440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-jsdoc from 62.8.0 to 63.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3441\"\u003edolanmiu/docx#3441\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump cspell from 9.7.0 to 10.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3442\"\u003edolanmiu/docx#3442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the npm_and_yarn group across 1 directory with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3435\"\u003edolanmiu/docx#3435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-functional from 9.0.4 to 9.0.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3445\"\u003edolanmiu/docx#3445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.5.0 to 25.9.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3446\"\u003edolanmiu/docx#3446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3447\"\u003edolanmiu/docx#3447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3448\"\u003edolanmiu/docx#3448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 29.0.1 to 29.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3449\"\u003edolanmiu/docx#3449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.4.3 to 14.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3451\"\u003edolanmiu/docx#3451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typedoc from 0.28.18 to 0.28.19 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3452\"\u003edolanmiu/docx#3452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3450\"\u003edolanmiu/docx#3450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3454\"\u003edolanmiu/docx#3454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/bundle types issue by \u003ca href=\"https://github.com/dolanmiu\"\u003e\u003ccode\u003e@​dolanmiu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3456\"\u003edolanmiu/docx#3456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript-eslint from 8.59.4 to 8.60.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3455\"\u003edolanmiu/docx#3455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Upgrade node-version in GitHub Actions workflow by \u003ca href=\"https://github.com/dolanmiu\"\u003e\u003ccode\u003e@​dolanmiu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3457\"\u003edolanmiu/docx#3457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dolanmiu/docx/compare/9.7.0...9.7.1\"\u003ehttps://github.com/dolanmiu/docx/compare/9.7.0...9.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e9.7.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.56.1 to 8.57.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3388\"\u003edolanmiu/docx#3388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript-eslint from 8.56.1 to 8.57.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3389\"\u003edolanmiu/docx#3389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.3.5 to 25.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3390\"\u003edolanmiu/docx#3390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-jsdoc from 62.7.1 to 62.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3392\"\u003edolanmiu/docx#3392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump vite from 7.3.1 to 8.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3393\"\u003edolanmiu/docx#3393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.4.0 to 25.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3396\"\u003edolanmiu/docx#3396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump undici from 7.21.0 to 7.24.1 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3398\"\u003edolanmiu/docx#3398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump nanoid from 5.1.6 to 5.1.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3402\"\u003edolanmiu/docx#3402\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump inquirer from 13.3.0 to 13.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3401\"\u003edolanmiu/docx#3401\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 28.1.0 to 29.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3400\"\u003edolanmiu/docx#3400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 8.57.0 to 8.57.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3403\"\u003edolanmiu/docx#3403\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump vite from 8.0.0 to 8.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3406\"\u003edolanmiu/docx#3406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump jsdom from 29.0.0 to 29.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3407\"\u003edolanmiu/docx#3407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump flatted from 3.3.3 to 3.4.2 in the npm_and_yarn group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3408\"\u003edolanmiu/docx#3408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.57.0 to 8.57.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3404\"\u003edolanmiu/docx#3404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add track change support to images by \u003ca href=\"https://github.com/james-atticus\"\u003e\u003ccode\u003e@​james-atticus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3432\"\u003edolanmiu/docx#3432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use sequential filenames for embedded fonts by \u003ca href=\"https://github.com/ctjlewis\"\u003e\u003ccode\u003e@​ctjlewis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3428\"\u003edolanmiu/docx#3428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(numbering): levels can associate with paragraph style by \u003ca href=\"https://github.com/Alexnortung\"\u003e\u003ccode\u003e@​Alexnortung\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3430\"\u003edolanmiu/docx#3430\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: make sure \u003ccode\u003ecode\u003c/code\u003e is being set for page size by \u003ca href=\"https://github.com/Alexnortung\"\u003e\u003ccode\u003e@​Alexnortung\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3427\"\u003edolanmiu/docx#3427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeature/comment replies and resolved state by \u003ca href=\"https://github.com/SerhiiShcheh\"\u003e\u003ccode\u003e@​SerhiiShcheh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3424\"\u003edolanmiu/docx#3424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(paragraph): add firstLineChars indent support by \u003ca href=\"https://github.com/hehecat\"\u003e\u003ccode\u003e@​hehecat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3420\"\u003edolanmiu/docx#3420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.57.1 to 8.57.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dolanmiu/docx/pull/3416\"\u003edolanmiu/docx#3416\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/4934d310c724520ad9d3e7e6d5d47430664ea9f7\"\u003e\u003ccode\u003e4934d31\u003c/code\u003e\u003c/a\u003e chore: Upgrade node-version in GitHub Actions workflow (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3457\"\u003e#3457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/a17c867b1cebb527c0dc4d48fec0f0d7d3e03716\"\u003e\u003ccode\u003ea17c867\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript-eslint from 8.59.4 to 8.60.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/28ae793f5fb808ef90bf6d83a1e4f7e52d07cf3c\"\u003e\u003ccode\u003e28ae793\u003c/code\u003e\u003c/a\u003e Fix/bundle types issue (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3456\"\u003e#3456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/12347dd0dacec6bec5939d7c18f91fff9a232579\"\u003e\u003ccode\u003e12347dd\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 8.59.4 to 8.60.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3454\"\u003e#3454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/7797f50d41f7a6118db40d490ed4708b0beae0cc\"\u003e\u003ccode\u003e7797f50\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3450\"\u003e#3450\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/e61edc0c0432fe48c07006f851be84c970a74f71\"\u003e\u003ccode\u003ee61edc0\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typedoc from 0.28.18 to 0.28.19 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3452\"\u003e#3452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/0d185a10b81ff2aad6ecd64eaf003c59fe73d44e\"\u003e\u003ccode\u003e0d185a1\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump inquirer from 13.4.3 to 14.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3451\"\u003e#3451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/e757cff8f0604aceddc79194a77e239ec310573e\"\u003e\u003ccode\u003ee757cff\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump jsdom from 29.0.1 to 29.1.1 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3449\"\u003e#3449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/3958b5a71af153df1d752a4ecbb223f3857e70f0\"\u003e\u003ccode\u003e3958b5a\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3448\"\u003e#3448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dolanmiu/docx/commit/1be2d5196a09b508b49eeb6085ea22a50e341f5f\"\u003e\u003ccode\u003e1be2d51\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 (\u003ca href=\"https://redirect.github.com/dolanmiu/docx/issues/3447\"\u003e#3447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dolanmiu/docx/compare/9.6.1...9.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.4.3 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bypass caused by the new HTML element \u003ccode\u003eselectedcontent\u003c/code\u003e added in 3.4.4, thanks \u003ca href=\"https://github.com/KabirAcharya\"\u003e\u003ccode\u003e@​KabirAcharya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003eDOMPurify 3.4.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eselectedcontent\u003c/code\u003e element to default allow-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecommand\u003c/code\u003e and \u003ccode\u003ecommandfor\u003c/code\u003e attributes to default allowed-list, thanks \u003ca href=\"https://github.com/lukewarlow\"\u003e\u003ccode\u003e@​lukewarlow\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better template scrubbing for \u003ccode\u003eIN_PLACE\u003c/code\u003e operations, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded stronger checks for cross-realm windows, thanks \u003ca href=\"https://github.com/DEMON1A\"\u003e\u003ccode\u003e@​DEMON1A\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/fg0x0\"\u003e\u003ccode\u003e@​fg0x0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated demo website and made sure it uses the latest from main\u003c/li\u003e\n\u003cli\u003eUpdated existing workflows, fuzzer, dependabot, etc., added more tests\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.3...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.16.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(site): Remove survey from site by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4417\"\u003elucide-icons/lucide#4417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eplay-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/Ahmed-Dghaies\"\u003e\u003ccode\u003e@​Ahmed-Dghaies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4412\"\u003elucide-icons/lucide#4412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(metadata): add missing use-cases prop on play-off.json by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4423\"\u003elucide-icons/lucide#4423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): force hide #bb-banner, if html.has-bb-banner is missing by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4422\"\u003elucide-icons/lucide#4422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): Remove \u003ccode\u003e@next\u003c/code\u003e from installation instructions for\u003ccode\u003e@lucide/svelte\u003c/code\u003e by \u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(packages/angular): add support for Angular v22 and onwards by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4450\"\u003elucide-icons/lucide#4450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): add check to skip release if latest tag was created today by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4085\"\u003elucide-icons/lucide#4085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ewebcam-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.6 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actio...\n\n_Description has been truncated_","html_url":"https://github.com/samifahad58/suhail/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/samifahad58%2Fsuhail/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"^3.3.1","new_version":"^3.4.10","update_type":"minor","path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","pr_created_at":"2026-06-15T01:35:08.000Z","version_change":"^3.3.1 → ^3.4.10","issue":{"uuid":"4661389212","node_id":"PR_kwDOR_R5Lc7mWI4j","number":111,"state":"open","title":"build(deps): update dompurify requirement from ^3.3.1 to ^3.4.10 in /superset-frontend/plugins/legacy-preset-chart-nvd3","user":"dependabot[bot]","labels":["dependencies:npm","plugins"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T01:35:08.000Z","updated_at":"2026-06-15T01:35:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): update","packages":[{"name":"dompurify","old_version":"^3.3.1","new_version":"^3.4.10","repository_url":"https://github.com/cure53/DOMPurify"}],"path":"/superset-frontend/plugins/legacy-preset-chart-nvd3","ecosystem":"npm"},"body":"Updates the requirements on [dompurify](https://github.com/cure53/DOMPurify) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/011b0c78f2a0f57ee54f5fcccb697a46ca6e63ea\"\u003e\u003ccode\u003e011b0c7\u003c/code\u003e\u003c/a\u003e release: 3.4.5 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1382\"\u003e#1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5817ad969c15e67dfcd6cb37248d6e9c1553e7c3\"\u003e\u003ccode\u003e5817ad9\u003c/code\u003e\u003c/a\u003e release: 3.4.4 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/520edb0371a9638f9b51f1798051299a250c686b\"\u003e\u003ccode\u003e520edb0\u003c/code\u003e\u003c/a\u003e release: 3.4.3 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6f67fd396a7b8c64294343999fe607ca1f5299c0\"\u003e\u003ccode\u003e6f67fd3\u003c/code\u003e\u003c/a\u003e Sync/3.4.2 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1322\"\u003e#1322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b0cdbbf52331e854c0a2de875b1a3790ecec2b8\"\u003e\u003ccode\u003e5b0cdbb\u003c/code\u003e\u003c/a\u003e chore: merge main into 3.x for 3.4.1 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1301\"\u003e#1301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/learningsam20/superset-custom/pull/111","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/learningsam20%2Fsuperset-custom/issues/111","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/111/packages"}},{"old_version":"3.4.5","new_version":"3.4.10","update_type":"patch","path":null,"pr_created_at":"2026-06-15T00:46:15.000Z","version_change":"3.4.5 → 3.4.10","issue":{"uuid":"4661227380","node_id":"PR_kwDOSy_9u87mVprV","number":12,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:46:15.000Z","updated_at":"2026-06-15T00:46:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":7,"packages":[{"name":"dompurify","old_version":"3.4.5","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"marked","old_version":"18.0.4","new_version":"18.0.5","repository_url":"https://github.com/markedjs/marked"},{"name":"@tailwindcss/vite","old_version":"4.3.0","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"react-router-dom","old_version":"7.16.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@types/react","old_version":"19.2.16","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 6 updates in the /client directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.5` | `3.4.10` |\n| [marked](https://github.com/markedjs/marked) | `18.0.4` | `18.0.5` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.0` | `4.3.1` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.16.0` | `7.17.0` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.16` | `19.2.17` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n\n\nUpdates `dompurify` from 3.4.5 to 3.4.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactored codebase for clarity: extracted the public type declarations into \u003ccode\u003etypes.ts\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDecomposed the three largest sanitizer functions into focused helpers\u003c/li\u003e\n\u003cli\u003eRemoved duplicated defaults and dead branches, consolidated \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrubbing into single shared path\u003c/li\u003e\n\u003cli\u003eImproved per-node performance by hoisting the mXSS probe regexes and testing \u003ccode\u003etextContent\u003c/code\u003e before \u003ccode\u003einnerHTML\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded a deterministic micro-benchmark harness (\u003ccode\u003enpm run bench\u003c/code\u003e) with a \u003ccode\u003e--compare\u003c/code\u003e mode\u003c/li\u003e\n\u003cli\u003eReduced CI cost by running the full three-engine browser suite once per PR\u003c/li\u003e\n\u003cli\u003eRefreshed the \u003ccode\u003edemos/\u003c/code\u003e folder so every demo runs again, and added a SVG-via-\u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e demo\u003c/li\u003e\n\u003cli\u003eDocumented the bench and \u003ccode\u003etest:happydom\u003c/code\u003e scripts in the README\u003c/li\u003e\n\u003cli\u003eCompleted the Attack Classes \u0026amp; Bypass History wiki page\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFurther improved the handling of Trusted Types config options, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFurther improved the handling of \u003ccode\u003eIN_PLACE\u003c/code\u003e sanitization, thanks \u003ca href=\"https://github.com/mozfreddyb\"\u003e\u003ccode\u003e@​mozfreddyb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and Trusted Types related usage\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eUpdated README and wiki with more accurate documentation \u0026amp; attack samples\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleaned up the repository root, renamed some and removed unneeded files\u003c/li\u003e\n\u003cli\u003eFixed an issue with handling of Trusted Types policies, thanks \u003ca href=\"https://github.com/fulstadev\"\u003e\u003ccode\u003e@​fulstadev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the node iterator for better template scrubbing, thanks \u003ca href=\"https://github.com/IamLeandrooooo\"\u003e\u003ccode\u003e@​IamLeandrooooo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncluded formerly missing LICENSE-MPL in published npm package, thanks \u003ca href=\"https://github.com/asamuzaK\"\u003e\u003ccode\u003e@​asamuzaK\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHardened the handling of Shadow Roots when using \u003ccode\u003eIN_PLACE\u003c/code\u003e, thanks \u003ca href=\"https://github.com/GameZoneHacker\"\u003e\u003ccode\u003e@​GameZoneHacker\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved a problem leading to permanent hook pollution, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored the test suite and expanded test coverage significantly\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.4.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several issues with DOM Clobbering in \u003ccode\u003eIN_PLACE\u003c/code\u003e mode, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened the checks for cross-realm \u003ccode\u003eIN_PLACE\u003c/code\u003e and Shadow DOM sanitization, thanks \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/Bankde\"\u003e\u003ccode\u003e@​Bankde\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more test coverage for \u003ccode\u003eIN_PLACE\u003c/code\u003e and general DOM Clobbering attacks\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6ee5716f8336989753611beeca364957c0eb0c3e\"\u003e\u003ccode\u003e6ee5716\u003c/code\u003e\u003c/a\u003e release: 3.4.10 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1478\"\u003e#1478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/52102472d46035857c52df19e44285f8a1e102fc\"\u003e\u003ccode\u003e5210247\u003c/code\u003e\u003c/a\u003e release: 3.4.9 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1459\"\u003e#1459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bcdd8285412dc9c4c149652aed2d712e790d6ccf\"\u003e\u003ccode\u003ebcdd828\u003c/code\u003e\u003c/a\u003e release: 3.4.8 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1439\"\u003e#1439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/ca30f070c360df162a3e3848e80e6fd3c9e74bff\"\u003e\u003ccode\u003eca30f07\u003c/code\u003e\u003c/a\u003e release: 3.4.7 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1414\"\u003e#1414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/bb7739e5bccec7e1ab3dae3f3e42d02db3acaaae\"\u003e\u003ccode\u003ebb7739e\u003c/code\u003e\u003c/a\u003e release: 3.4.6 (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.4.5...3.4.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `marked` from 18.0.4 to 18.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markedjs/marked/releases\"\u003emarked's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev18.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/markedjs/marked/compare/v18.0.4...v18.0.5\"\u003e18.0.5\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eparse empty list item with trailing space (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3984\"\u003e#3984\u003c/a\u003e) (\u003ca href=\"https://github.com/markedjs/marked/commit/b55410f846570a2dbdd1f1afe1d51c6a7dd2a188\"\u003eb55410f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/4063c638cb621c09091d41b26f323ff074416bb9\"\u003e\u003ccode\u003e4063c63\u003c/code\u003e\u003c/a\u003e chore(release): 18.0.5 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/b55410f846570a2dbdd1f1afe1d51c6a7dd2a188\"\u003e\u003ccode\u003eb55410f\u003c/code\u003e\u003c/a\u003e fix: parse empty list item with trailing space (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3984\"\u003e#3984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/c6e667bf2a58c312ea3a26818d92ea728739de99\"\u003e\u003ccode\u003ec6e667b\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump eslint from 10.4.0 to 10.4.1 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3986\"\u003e#3986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/95f98ec7b9635ad96504225585c4e7e77a30405e\"\u003e\u003ccode\u003e95f98ec\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e from 0.18.2 to 0.18.3 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3985\"\u003e#3985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/c1a86f00ccd81144422f1a4194756bd48111c531\"\u003e\u003ccode\u003ec1a86f0\u003c/code\u003e\u003c/a\u003e Add Node.js usage example to README (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3983\"\u003e#3983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/763f72903f032bca64bb5c3c0633276aa924df70\"\u003e\u003ccode\u003e763f729\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump marked-man from 2.1.0 to 2.1.1 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3978\"\u003e#3978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markedjs/marked/commit/2cf1fd04d9afa1081c5b836e2ca5b6b43ea0ee41\"\u003e\u003ccode\u003e2cf1fd0\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 (\u003ca href=\"https://redirect.github.com/markedjs/marked/issues/3977\"\u003e#3977\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/markedjs/marked/compare/v18.0.4...v18.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/vite` from 4.3.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003e@​tailwindcss/vite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/vite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/73983e1cf5bc0ae721f4568cc24a5b5067b6b90b\"\u003e\u003ccode\u003e73983e1\u003c/code\u003e\u003c/a\u003e Fix 'Sourcemap is likely to be incorrect' warnings when using `@tailwindcss/v...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router-dom` from 7.16.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md\"\u003ereact-router-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.17.0\"\u003e\u003ccode\u003ereact-router@7.17.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tailwindcss` from 4.3.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003etailwindcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003etailwindcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/12833aa4b3a8813fd32da74be7a2fd75aa706ab7\"\u003e\u003ccode\u003e12833aa\u003c/code\u003e\u003c/a\u003e Fix canonicalization bug where we end up with a high precision number (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/97a5b3abfb75ce9722266cd323a24eee057634fc\"\u003e\u003ccode\u003e97a5b3a\u003c/code\u003e\u003c/a\u003e docs: fix double word 'to to' in test comment (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20216\"\u003e#20216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d01e103cc4741c29764afaa287d2fb21356f7eea\"\u003e\u003ccode\u003ed01e103\u003c/code\u003e\u003c/a\u003e Add missing \u003ccode\u003einset\u003c/code\u003e keyword for \u003ccode\u003einset-shadow-none\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/ad6693906a321912c90fd13c4a92e2cb26660985\"\u003e\u003ccode\u003ead66939\u003c/code\u003e\u003c/a\u003e Allow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/efae52c3af50300d5066596a6acbaf87e68ef9e4\"\u003e\u003ccode\u003eefae52c\u003c/code\u003e\u003c/a\u003e Simplify CSS when using utilities that use a \u003ccode\u003e*-0\u003c/code\u003e or \u003ccode\u003e*-1\u003c/code\u003e value (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/6b43b6400a743a508afd712b50a73b2d3feb6444\"\u003e\u003ccode\u003e6b43b64\u003c/code\u003e\u003c/a\u003e Canonicalization: limit arbitrary to bare values conversion (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d4f24c5f161b553dd99aef294ef6635093d1c440\"\u003e\u003ccode\u003ed4f24c5\u003c/code\u003e\u003c/a\u003e Fix invalid canonicalization where \u003ccode\u003e0\\\u0026lt;unit\u0026gt;\u003c/code\u003e was migrated to \u003ccode\u003e0\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/749c45ef26735c59a446fc5e13e96359b68b9082\"\u003e\u003ccode\u003e749c45e\u003c/code\u003e\u003c/a\u003e Expose \u003ccode\u003eindex\u003c/code\u003e and \u003ccode\u003esiblings\u003c/code\u003e on walk context (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20109\"\u003e#20109\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7\"\u003e\u003ccode\u003e8dcdb66\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/20095\"\u003e#20095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.16 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-react-refresh` from 0.5.2 to 0.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases\"\u003eeslint-plugin-react-refresh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md\"\u003eeslint-plugin-react-refresh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix check for non component class exported via \u003ccode\u003eexport { }\u003c/code\u003e \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110\"\u003e#110\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109\"\u003e#109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944\"\u003e\u003ccode\u003e00818e9\u003c/code\u003e\u003c/a\u003e v0.5.3 [publish]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea\"\u003e\u003ccode\u003e202fc4a\u003c/code\u003e\u003c/a\u003e Fix PascalCase class exported via \u003ccode\u003eexport { Name }\u003c/code\u003e incorrectly treated as Re...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.5.2...v0.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ARCHITA-ROY/FitMart/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARCHITA-ROY%2FFitMart/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"3.4.8","new_version":"3.4.10","update_type":"patch","path":null,"pr_created_at":"2026-06-15T00:25:37.000Z","version_change":"3.4.8 → 3.4.10","issue":{"uuid":"4661166175","node_id":"PR_kwDOScA0Sc7mVdZF","number":184,"state":"open","title":"build(deps): bump the production-dependencies group across 1 directory with 63 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:25:37.000Z","updated_at":"2026-06-15T00:25:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"production-dependencies","update_count":63,"packages":[{"name":"@hookform/resolvers","old_version":"3.9.0","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@radix-ui/react-accordion","old_version":"1.2.1","new_version":"1.2.13","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-alert-dialog","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-aspect-ratio","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-avatar","old_version":"1.1.1","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-checkbox","old_version":"1.1.2","new_version":"1.3.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-context-menu","old_version":"2.2.2","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dropdown-menu","old_version":"2.1.2","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-hover-card","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-label","old_version":"2.1.0","new_version":"2.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-menubar","old_version":"1.1.2","new_version":"1.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-navigation-menu","old_version":"1.2.1","new_version":"1.2.15","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popover","old_version":"1.1.2","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-progress","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-radio-group","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-scroll-area","old_version":"1.2.0","new_version":"1.2.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-select","old_version":"2.1.2","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-separator","old_version":"1.1.0","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slider","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slot","old_version":"1.1.0","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-switch","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tabs","old_version":"1.1.1","new_version":"1.1.14","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toast","old_version":"1.2.2","new_version":"1.2.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toggle","old_version":"1.1.0","new_version":"1.1.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-toggle-group","old_version":"1.1.0","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tooltip","old_version":"1.1.4","new_version":"1.2.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@supabase/supabase-js","old_version":"2.58.0","new_version":"2.108.1","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@tanstack/react-query","old_version":"5.59.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tiptap/extension-color","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-highlight","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-horizontal-rule","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-mention","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-placeholder","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-cell","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-header","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-table-row","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-text-align","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-underline","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/react","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/starter-kit","old_version":"3.19.0","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"cmdk","old_version":"1.0.0","new_version":"1.1.1","repository_url":"https://github.com/pacocoursey/cmdk"},{"name":"date-fns","old_version":"3.6.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dompurify","old_version":"3.4.8","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"embla-carousel-react","old_version":"8.3.0","new_version":"8.6.0","repository_url":"https://github.com/davidjerleke/embla-carousel"},{"name":"input-otp","old_version":"1.2.4","new_version":"1.4.2","repository_url":"https://github.com/guilhermerodz/input-otp"},{"name":"lucide-react","old_version":"0.462.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next-themes","old_version":"0.3.0","new_version":"0.4.6","repository_url":"https://github.com/pacocoursey/next-themes"},{"name":"react","old_version":"18.3.1","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-day-picker","old_version":"8.10.1","new_version":"10.0.1","repository_url":"https://github.com/gpbl/react-day-picker"},{"name":"react-dom","old_version":"18.3.1","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-resizable-panels","old_version":"2.1.5","new_version":"4.11.2","repository_url":"https://github.com/bvaughn/react-resizable-panels"},{"name":"react-router-dom","old_version":"6.27.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"recharts","old_version":"2.13.0","new_version":"3.8.1","repository_url":"https://github.com/recharts/recharts"},{"name":"sonner","old_version":"1.5.0","new_version":"2.0.7","repository_url":"https://github.com/emilkowalski/sonner"},{"name":"tailwind-merge","old_version":"2.5.4","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"vaul","old_version":"0.9.9","new_version":"1.1.2","repository_url":"https://github.com/emilkowalski/vaul"},{"name":"zod","old_version":"3.23.8","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 58 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `3.9.0` | `5.4.0` |\n| [@radix-ui/react-accordion](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/accordion) | `1.2.1` | `1.2.13` |\n| [@radix-ui/react-alert-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-aspect-ratio](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/aspect-ratio) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-avatar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/avatar) | `1.1.1` | `1.1.12` |\n| [@radix-ui/react-checkbox](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox) | `1.1.2` | `1.3.4` |\n| [@radix-ui/react-context-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu) | `2.2.2` | `2.3.0` |\n| [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.2` | `2.1.17` |\n| [@radix-ui/react-hover-card](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-label](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label) | `2.1.0` | `2.1.9` |\n| [@radix-ui/react-menubar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar) | `1.1.2` | `1.1.17` |\n| [@radix-ui/react-navigation-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/navigation-menu) | `1.2.1` | `1.2.15` |\n| [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.2` | `1.1.16` |\n| [@radix-ui/react-progress](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-radio-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group) | `1.2.1` | `1.4.0` |\n| [@radix-ui/react-scroll-area](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area) | `1.2.0` | `1.2.11` |\n| [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.1.2` | `2.3.0` |\n| [@radix-ui/react-separator](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator) | `1.1.0` | `1.1.9` |\n| [@radix-ui/react-slider](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slider) | `1.2.1` | `1.4.0` |\n| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.1.0` | `1.2.5` |\n| [@radix-ui/react-switch](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/switch) | `1.1.1` | `1.3.0` |\n| [@radix-ui/react-tabs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tabs) | `1.1.1` | `1.1.14` |\n| [@radix-ui/react-toast](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toast) | `1.2.2` | `1.2.16` |\n| [@radix-ui/react-toggle](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle) | `1.1.0` | `1.1.11` |\n| [@radix-ui/react-toggle-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle-group) | `1.1.0` | `1.1.12` |\n| [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.1.4` | `1.2.9` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.58.0` | `2.108.1` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.59.16` | `5.101.0` |\n| [@tiptap/extension-color](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-color) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-highlight](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-highlight) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-horizontal-rule](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-horizontal-rule) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-mention](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-mention) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-placeholder](https://github.com/ueberdosis/tiptap/tree/HEAD/packages-deprecated/extension-placeholder) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-cell](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-cell) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-header](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-header) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-table-row](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-table-row) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-text-align](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-text-align) | `3.19.0` | `3.26.1` |\n| [@tiptap/extension-underline](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-underline) | `3.19.0` | `3.26.1` |\n| [@tiptap/react](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/react) | `3.19.0` | `3.26.1` |\n| [@tiptap/starter-kit](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/starter-kit) | `3.19.0` | `3.26.1` |\n| [cmdk](https://github.com/pacocoursey/cmdk/tree/HEAD/cmdk) | `1.0.0` | `1.1.1` |\n| [date-fns](https://github.com/date-fns/date-fns) | `3.6.0` | `4.4.0` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.8` | `3.4.10` |\n| [embla-carousel-react](https://github.com/davidjerleke/embla-carousel) | `8.3.0` | `8.6.0` |\n| [input-otp](https://github.com/guilhermerodz/input-otp/tree/HEAD/packages/input-otp) | `1.2.4` | `1.4.2` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.462.0` | `1.18.0` |\n| [next-themes](https://github.com/pacocoursey/next-themes) | `0.3.0` | `0.4.6` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.7` |\n| [react-day-picker](https://github.com/gpbl/react-day-picker/tree/HEAD/packages/react-day-picker) | `8.10.1` | `10.0.1` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.7` |\n| [react-resizable-panels](https://github.com/bvaughn/react-resizable-panels) | `2.1.5` | `4.11.2` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.27.0` | `7.17.0` |\n| [recharts](https://github.com/recharts/recharts) | `2.13.0` | `3.8.1` |\n| [sonner](https://github.com/emilkowalski/sonner) | `1.5.0` | `2.0.7` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `2.5.4` | `3.6.0` |\n| [vaul](https://github.com/emilkowalski/vaul) | `0.9.9` | `1.1.2` |\n| [zod](https://github.com/colinhacks/zod) | `3.23.8` | `4.4.3` |\n\n\nUpdates `@hookform/resolvers` from 3.9.0 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-09-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/e95721d3c8c6d6e555508b0e7b21c6ac801360cf\"\u003ee95721d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.0...v5.2.1\"\u003e5.2.1\u003c/a\u003e (2025-07-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ediscriminated union for zod v4 mini (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/49a0d7ba939f58e04ca2d01a98949fc70f50b53e\"\u003e49a0d7b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ezod v4 peer deps (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2d28e6aca611b042e07da0ae4cf448adbe78e1f3\"\u003e2d28e6a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/801\"\u003e#801\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/bc09647a5eec21d07097a8ccf89fb52ebf50a1ec\"\u003ebc09647\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.1.1...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2025-07-25)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eajv:\u003c/strong\u003e add ajv-formats for ajvResolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/797\"\u003e#797\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/f04003972a3cc7875beb073ff88c942deb6a2086\"\u003ef040039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ezod peer dep issue (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/79cd8b284da29a5a42cd5fdafa2e767747fcfcf7\"\u003e79cd8b2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2025-06-07)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/e95721d3c8c6d6e555508b0e7b21c6ac801360cf\"\u003e\u003ccode\u003ee95721d\u003c/code\u003e\u003c/a\u003e fix(zod): fix output type for Zod 4 resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/49a0d7ba939f58e04ca2d01a98949fc70f50b53e\"\u003e\u003ccode\u003e49a0d7b\u003c/code\u003e\u003c/a\u003e fix: discriminated union for zod v4 mini (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v3.9.0...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-accordion` from 1.2.1 to 1.2.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/accordion/CHANGELOG.md\"\u003e@​radix-ui/react-accordion's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/accordion\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-accordion\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-alert-dialog` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/alert-dialog/CHANGELOG.md\"\u003e@​radix-ui/react-alert-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dialog@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/alert-dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-alert-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-aspect-ratio` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/aspect-ratio/CHANGELOG.md\"\u003e@​radix-ui/react-aspect-ratio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/aspect-ratio/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/aspect-ratio\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-aspect-ratio\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-avatar` from 1.1.1 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/avatar/CHANGELOG.md\"\u003e@​radix-ui/react-avatar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/avatar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-avatar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-checkbox` from 1.1.2 to 1.3.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/checkbox/CHANGELOG.md\"\u003e@​radix-ui/react-checkbox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix type error emitted in build artifacts\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd unstable \u003ccode\u003eProvider\u003c/code\u003e, \u003ccode\u003eTrigger\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Checkbox (\u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3459\"\u003e#3459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/checkbox\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-checkbox\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-collapsible` from 1.1.1 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/collapsible/CHANGELOG.md\"\u003e@​radix-ui/react-collapsible's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/collapsible\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-collapsible\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-context-menu` from 2.2.2 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/context-menu/CHANGELOG.md\"\u003e@​radix-ui/react-context-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for a controlled \u003ccode\u003eopen\u003c/code\u003e prop on \u003ccode\u003eContextMenu.Root\u003c/code\u003e. This is intended for reading the open state and closing the menu programmatically, though we discourage opening the menu programmatically since opening the menu depends on user interaction to position the menu.\u003c/li\u003e\n\u003cli\u003eFixed bug in context menu where submenus stayed expanded after re-opening on long-press touch events\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context-menu/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/context-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-context-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dialog` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md\"\u003e@​radix-ui/react-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed disabled pointer events in closed dialogs\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dropdown-menu` from 2.1.2 to 2.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md\"\u003e@​radix-ui/react-dropdown-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dropdown-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-hover-card` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/hover-card/CHANGELOG.md\"\u003e@​radix-ui/react-hover-card's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/hover-card/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/hover-card\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-hover-card\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-label` from 2.1.0 to 2.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/label/CHANGELOG.md\"\u003e@​radix-ui/react-label's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/label\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-label\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-menubar` from 1.1.2 to 1.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/menubar/CHANGELOG.md\"\u003e@​radix-ui/react-menubar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.15\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.14\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.13\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.12\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menubar/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-menu@2.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/menubar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-menubar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-navigation-menu` from 1.2.1 to 1.2.15\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/navigation-menu/CHANGELOG.md\"\u003e@​radix-ui/react-navigation-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/navigation-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-navigation-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-popover` from 1.1.2 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md\"\u003e@​radix-ui/react-popover's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-popover\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-progress` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/progress/CHANGELOG.md\"\u003e@​radix-ui/react-progress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/progress\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-progress\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-radio-group` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/radio-group/CHANGELOG.md\"\u003e@​radix-ui/react-radio-group's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eRadioGroupItemProvider\u003c/code\u003e, \u003ccode\u003eRadioGroupItemTrigger\u003c/code\u003e and \u003ccode\u003eRadioGroupItemBubbleInput\u003c/code\u003e parts. These expose the previously internal composition of a radio item (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The \u003ccode\u003eRadioGroupItem\u003c/code\u003e component continues to render them by default.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.11\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.9\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllow passing value of \u003ccode\u003enull\u003c/code\u003e to controlled Radio Group when all items are unchecked\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.8\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-roving-focus@1.1.7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radio-group/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/radio-group\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-radio-group\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-scroll-area` from 1.2.0 to 1.2.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/scroll-area/CHANGELOG.md\"\u003e@​radix-ui/react-scroll-area's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003edata-state\u003c/code\u003e attribute for Scroll Area scrollbars\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/scroll-area\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-scroll-area\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-select` from 2.1.2 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md\"\u003e@​radix-ui/react-select's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Select. \u003ccode\u003eSelect.unstable_Provider\u003c/code\u003e sets up Select's context and state without implicitly rendering the hidden native \u003ccode\u003eselect\u003c/code\u003e, and \u003ccode\u003eSelect.unstable_BubbleInput\u003c/code\u003e exposes that previously internal native \u003ccode\u003eselect\u003c/code\u003e so consumers can recompose it explicitly. \u003ccode\u003eSelect\u003c/code\u003e continues to render both by default.\u003c/li\u003e\n\u003cli\u003eAdded support for presence-based exit animations in Select\u003c/li\u003e\n\u003cli\u003eFixed Select hidden input so it submits empty string when no value is selected\u003c/li\u003e\n\u003cli\u003eFixed placeholder rendering when a controlled Select is reset to an empty value\u003c/li\u003e\n\u003cli\u003eAdded missing \u003ccode\u003e__selectScope\u003c/code\u003e prop to \u003ccode\u003ePopperContent\u003c/code\u003e component\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelect\u003c/code\u003e closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelectValue\u003c/code\u003e logging invalid prop errors when used with both \u003ccode\u003easChild\u003c/code\u003e and a placeholder\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.10\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-slot@1.2.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAll form controls with internal bubble inputs now use the Radix \u003ccode\u003ePrimitive\u003c/code\u003e component by default. This will allow us to expose these components directly so users can better control this behavior in the future.\u003c/li\u003e\n\u003cli\u003eMinor improvements to \u003ccode\u003euseControllableState\u003c/code\u003e to enhance performance, reduce surface area for bugs, and log warnings when misused (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select/issues/3455\"\u003e#3455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.7\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.2.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.6\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-select\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-separator` from 1.1.0 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/separator/CHANGELOG.md\"\u003e@​radix-ui/react-separator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/separator\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-separator\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-slider` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/slider/CHANGELOG.md\"\u003e@​radix-ui/react-slider's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eThumbProvider\u003c/code\u003e, \u003ccode\u003eThumbTrigger\u003c/code\u003e, and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Slider. \u003ccode\u003eSliderThumb\u003c/code\u003e was previously a single component that implicitly rendered a hidden native input for form submission. It is now composed from these new parts, which are exposed so consumers can decouple the bubble input from the thumb (for example, to render or customize it independently) instead of relying on \u003ccode\u003eSliderThumb\u003c/code\u003e to render it implicitly. \u003ccode\u003eSliderThumb\u003c/code\u003e continues to render all three by default, so existing usage is unaffected.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003efocusVisible\u003c/code\u003e for non-keyboard interactions with slider thumbs for progressively enabling styles using \u003ccode\u003e:focus-visible\u003c/code\u003e alongside programmatic focus management\u003c/li\u003e\n\u003cli\u003eFixed Slider focus bugs in scrollable context\u003c/li\u003e\n\u003cli\u003eFixed a Slider bug where very small \u003ccode\u003estep\u003c/code\u003e values made the thumbs unresponsive\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.8\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace deprecated 'ElementRef' with 'ComponentRef' (\u003ca href=\"https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slider/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/l...\n\n_Description has been truncated_","html_url":"https://github.com/yuna01066/acbanksysver2/pull/184","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yuna01066%2Facbanksysver2/issues/184","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/184/packages"}}]}