{"id":793,"name":"ejs","ecosystem":"npm","repository_url":"https://github.com/mde/ejs","issues_count":1947,"created_at":"2025-06-06T15:01:37.600Z","updated_at":"2025-06-06T15:01:37.600Z","purl":"pkg:npm/ejs","metadata":{"id":1654226,"name":"ejs","ecosystem":"npm","description":"Embedded JavaScript templates","homepage":"https://github.com/mde/ejs","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/mde/ejs","keywords_array":["template","engine","ejs"],"namespace":null,"versions_count":75,"first_release_published_at":"2011-02-14T21:15:53.948Z","latest_release_published_at":"2024-04-12T15:23:09.278Z","latest_release_number":"3.1.10","last_synced_at":"2025-06-05T14:02:06.424Z","created_at":"2022-04-09T13:36:23.871Z","updated_at":"2025-06-05T14:04:38.411Z","registry_url":"https://www.npmjs.com/package/ejs","install_command":"npm install ejs","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"3.1.10"}},"repo_metadata":{"id":25246794,"uuid":"28671602","full_name":"mde/ejs","owner":"mde","description":"Embedded JavaScript templates -- http://ejs.co","archived":false,"fork":false,"pushed_at":"2025-02-25T17:27:39.000Z","size":7049,"stargazers_count":7938,"open_issues_count":114,"forks_count":851,"subscribers_count":125,"default_branch":"main","last_synced_at":"2025-06-03T05:06:18.142Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mde.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2014-12-31T17:49:35.000Z","updated_at":"2025-06-02T03:49:46.000Z","dependencies_parsed_at":"2023-01-17T00:30:28.705Z","dependency_job_id":"4b849e84-ef35-4ad7-948c-f4701a5d386c","html_url":"https://github.com/mde/ejs","commit_stats":{"total_commits":2652,"total_committers":162,"mean_commits":16.37037037037037,"dds":0.5953996983408748,"last_synced_commit":"a4770b8ff49b93387c7f2760d957446cd332531a"},"previous_names":[],"tags_count":47,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mde","download_url":"https://codeload.github.com/mde/ejs/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":257961042,"owners_count":22628392,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"mde","name":"Matthew Eernisse","uuid":"757","kind":"user","description":"Literal rock star developer. JavaScript, music, Japanese, and serial commas. Author and maintainer of EJS.","email":"","website":"http://fleegix.org","location":"San Francisco, California, USA","twitter":null,"company":"Viable","icon_url":"https://avatars.githubusercontent.com/u/757?u=597d535991b1d896c81adb3ba921ac656c886f56\u0026v=4","repositories_count":46,"last_synced_at":"2024-04-16T00:35:38.947Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/mde","funding_links":[],"total_stars":8695,"followers":701,"following":10,"created_at":"2022-11-02T16:20:56.204Z","updated_at":"2024-04-16T00:35:47.795Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mde","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mde/repositories"},"tags":[{"name":"v3.1.10","sha":"d3f807dea9ce904e20a47a661f2310ce9134dc2a","kind":"tag","published_at":"2024-04-12T15:23:02.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.10","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.10/manifests"},{"name":"v3.1.9","sha":"aed012481d11ee9e8ca024314262b90de7c6d91e","kind":"tag","published_at":"2023-03-12T19:29:51.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.9","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.9/manifests"},{"name":"v3.1.8","sha":"5126ff57aafbbd732ae00dd268d89cba85a5b71a","kind":"tag","published_at":"2022-05-11T18:55:14.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.8","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.8/manifests"},{"name":"v3.1.7","sha":"820855ad75034e303be82c482c5eb8c6616da5c5","kind":"tag","published_at":"2022-04-20T16:41:16.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.7","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.7/manifests"},{"name":"v3.1.6","sha":"80bf3d7dcc20dffa38686a58b4e0ba70d5cac8a1","kind":"tag","published_at":"2021-02-06T20:27:48.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.6","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.6/manifests"},{"name":"v3.1.5","sha":"1f58d4b927182e5dd37f3629751d1679eebbf0d8","kind":"tag","published_at":"2020-08-17T16:00:37.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.5","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.5/manifests"},{"name":"v3.1.3","sha":"661d848eadcd85117f655b5f8327f13ae2cc85da","kind":"tag","published_at":"2020-05-17T06:59:01.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.3","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.3/manifests"},{"name":"v3.1.2","sha":"e731c208fcc2fec1b65393ef5571dd080fdadabe","kind":"tag","published_at":"2020-04-24T04:27:06.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.1.2","html_url":"https://github.com/mde/ejs/releases/tag/v3.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.1.2/manifests"},{"name":"v3.0.2","sha":"e7ae463db4be9a24d4320ac529bf4f0cf6077c5b","kind":"tag","published_at":"2020-03-29T18:40:17.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.0.2","html_url":"https://github.com/mde/ejs/releases/tag/v3.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.0.2/manifests"},{"name":"v3.0.1","sha":"8ed85896bf2c2d6bd7e26a3f1b25028d81530e05","kind":"tag","published_at":"2019-11-24T01:39:03.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v3.0.1","html_url":"https://github.com/mde/ejs/releases/tag/v3.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v3.0.1/manifests"},{"name":"v2.7.4","sha":"1fe67b49c97b619004f7b5d9584acbfb7b674daa","kind":"tag","published_at":"2019-11-19T19:15:16.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.7.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.4/manifests"},{"name":"v2.7.3","sha":"5cd81afdc5b7ceadfaf439c3da8b490cfb28114f","kind":"tag","published_at":"2019-11-19T01:59:52.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.7.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.3/manifests"},{"name":"v2.7.2","sha":"bd3f7c8b2da62e479407bfe82ae5094c85317bb0","kind":"tag","published_at":"2019-11-13T20:52:11.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.7.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.2/manifests"},{"name":"v2.7.1","sha":"3de0adee1f70ad113cf3305e362e8fe4e41e3f7f","kind":"tag","published_at":"2019-09-02T19:31:11.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.7.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.7.1/manifests"},{"name":"v2.6.2","sha":"63a508202578dde14c28b665ca3eee792449f2d5","kind":"tag","published_at":"2019-06-15T15:26:33.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.6.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.6.2/manifests"},{"name":"v2.6.1","sha":"ef26a6d9f2cdd39d8a2855b3e6604da833d6dccd","kind":"tag","published_at":"2018-05-05T18:52:13.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.6.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.6.1/manifests"},{"name":"v2.5.9","sha":"a7a0d4204be4a4bf9fd5740139d674617dcca61f","kind":"tag","published_at":"2018-04-19T03:13:28.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.9","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.9/manifests"},{"name":"v2.5.8","sha":"b470b65141a695f42d2722919ce64d4543fedb4b","kind":"tag","published_at":"2018-03-26T00:17:15.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.8","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.8/manifests"},{"name":"v2.5.7","sha":"67ca0a80a5a68277774c693204ce49ef11bb84b4","kind":"tag","published_at":"2017-07-30T03:29:59.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.7","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.7/manifests"},{"name":"v2.5.6","sha":"153fe11fc7f9f321e1e5adc8a6f844c1d3f34429","kind":"tag","published_at":"2017-02-16T20:42:57.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.6","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.6/manifests"},{"name":"v2.5.5","sha":"a63b9731c49c62358bb3f220839a64cd66652a40","kind":"tag","published_at":"2016-12-06T08:05:27.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.5","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.5/manifests"},{"name":"v2.5.4","sha":"2aa2123daf233bd0930abe8074aed6221f62ddc5","kind":"tag","published_at":"2016-12-05T22:08:59.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.4/manifests"},{"name":"v2.5.3","sha":"89f006525f018ee4bd62b3d7527c81196cd7bea6","kind":"tag","published_at":"2016-11-28T21:18:16.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.3/manifests"},{"name":"v2.5.2","sha":"7de0036448d5282e782c09c400fe0374dd237562","kind":"tag","published_at":"2016-09-07T14:46:15.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.2/manifests"},{"name":"v2.5.1","sha":"469913d8aac83e744ac9ca47cd7b7493928c1638","kind":"tag","published_at":"2016-07-25T17:13:51.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.5.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.5.1/manifests"},{"name":"v2.4.2","sha":"3c6671f84eae581f0e4a761a16b7856bb5bb9ec1","kind":"tag","published_at":"2016-05-24T19:20:31.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.4.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.4.2/manifests"},{"name":"v2.4.1","sha":"a70dd953992cf4c92cca48e50750d6cc4c7caaea","kind":"tag","published_at":"2016-01-24T05:07:19.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.4.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.4.1/manifests"},{"name":"v2.3.4","sha":"dd208d6984d35dc8277a71db694408eeabaad9c7","kind":"tag","published_at":"2015-09-07T04:06:07.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.3.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.4/manifests"},{"name":"v2.3.3","sha":"d87c739da83b1b13cf0445fee44ca763848a7412","kind":"tag","published_at":"2015-07-11T20:10:33.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.3.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.3/manifests"},{"name":"v2.3.2","sha":"a4cc57a15b891288a29bcf69a22737037cc43590","kind":"tag","published_at":"2015-06-29T00:23:52.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.3.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"17ce07dc23f1aa3b8667d2c76017ed422fceb301","kind":"tag","published_at":"2015-02-23T01:25:47.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.3.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.3.1/manifests"},{"name":"v2.2.4","sha":"a56d13f85c32ee41769e90632c528f20de507a7b","kind":"tag","published_at":"2015-02-01T18:28:35.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.2.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.4/manifests"},{"name":"v2.2.3","sha":"fa06a6ae4a5c33b12723acc55282731b096e5ceb","kind":"tag","published_at":"2015-01-23T23:49:12.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.2.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.3/manifests"},{"name":"v2.2.2","sha":"02407d52c9ddd26d9227fb4f971b7df04d0109e7","kind":"tag","published_at":"2015-01-21T22:24:23.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.2.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.2/manifests"},{"name":"v2.2.1","sha":"8422af990c18be4078b7ed8a0543b064791a343e","kind":"tag","published_at":"2015-01-20T06:08:12.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.2.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.2.1/manifests"},{"name":"v2.1.4","sha":"4b5e7fec9a823332b651bdacd03d1c727d1905ce","kind":"tag","published_at":"2015-01-12T19:06:16.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.1.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.4/manifests"},{"name":"v2.1.3","sha":"7d38b57c7bd626f57fdc84ea4cec76ed834da10e","kind":"tag","published_at":"2015-01-12T03:08:15.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.1.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.3/manifests"},{"name":"v2.1.2","sha":"098cdd806695c53d16461bf7203ab65cbea82ff2","kind":"tag","published_at":"2015-01-11T20:14:19.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.1.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.2/manifests"},{"name":"v2.1.1","sha":"f9561e1b07e269aecc03e0b6c46d93fdebbcdcb4","kind":"tag","published_at":"2015-01-11T17:53:07.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.1.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.1.1/manifests"},{"name":"v2.0.8","sha":"198da47ac7a7b19564807fce5953ae27fad42134","kind":"tag","published_at":"2015-01-06T21:01:24.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.8","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.8/manifests"},{"name":"v2.0.7","sha":"3bc675eb9c02361c2c91da2b8be8963c61a07f5c","kind":"tag","published_at":"2015-01-05T20:49:59.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.7","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.7/manifests"},{"name":"v2.0.6","sha":"c0d8b3c35689d25dfc62c4739c892e6ac681a516","kind":"tag","published_at":"2015-01-05T00:42:40.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.6","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.6/manifests"},{"name":"v2.0.5","sha":"1b9f6c02a981abacdb716f37e104841a3e3f8aaa","kind":"tag","published_at":"2015-01-04T23:20:19.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.5","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.5/manifests"},{"name":"v2.0.4","sha":"aed81d1dcc3a26df786a2d5dee9695cc48f18ea6","kind":"tag","published_at":"2015-01-04T23:17:11.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.4","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.4/manifests"},{"name":"v2.0.3","sha":"496630850797ff7f45f9e9732ca7970bd4aa66fa","kind":"tag","published_at":"2015-01-04T18:48:15.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.3","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.3/manifests"},{"name":"v2.0.2","sha":"3b557c47a6c47e05c68f6cc326c30fa10351261c","kind":"tag","published_at":"2015-01-04T07:03:12.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.2","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.2/manifests"},{"name":"v2.0.1","sha":"c69e939d7400531f798fc26ac60092b4c6788bde","kind":"tag","published_at":"2015-01-04T07:02:18.000Z","download_url":"https://codeload.github.com/mde/ejs/tar.gz/v2.0.1","html_url":"https://github.com/mde/ejs/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mde%2Fejs/tags/v2.0.1/manifests"}]},"repo_metadata_updated_at":"2025-06-05T14:04:38.411Z","dependent_packages_count":15041,"downloads":96243333,"downloads_period":"last-month","dependent_repos_count":1532080,"rankings":{"downloads":0.02811908253484631,"dependent_repos_count":0.023272853120369388,"dependent_packages_count":0.00670805766410647,"stargazers_count":1.1618903470776416,"forks_count":1.3799432909019025,"docker_downloads_count":0.03553901570616407,"average":0.4392454411675051},"purl":"pkg:npm/ejs","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2YtcHA4Ny03eDZw","url":"https://github.com/advisories/GHSA-hwcf-pp87-7x6p","title":"mde ejs vulnerable to XSS","description":"nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the `ejs.renderFile()` resulting in code injection","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2017-11-30T23:15:05.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-1000188","https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f","https://github.com/advisories/GHSA-hwcf-pp87-7x6p","https://web.archive.org/web/20200227134555/http://www.securityfocus.com/bid/101889"],"source_kind":"github","identifiers":["GHSA-hwcf-pp87-7x6p","CVE-2017-1000188"],"repository_url":"https://github.com/mde/ejs","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.5.5","vulnerable_version_range":"\u003c 2.5.5"}],"ecosystem":"npm","package_name":"ejs"}],"created_at":"2022-12-21T16:13:37.647Z","updated_at":"2023-09-08T21:35:57.000Z","epss_percentage":0.00234,"epss_percentile":0.46151},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4NzctcnBxZi1qNm13","url":"https://github.com/advisories/GHSA-6x77-rpqf-j6mw","title":"ejs vulnerable to DoS due to weak input validation","description":"nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in `ejs.renderFile()`","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2018-03-05T18:54:33.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-1000189","https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f","https://github.com/advisories/GHSA-6x77-rpqf-j6mw","https://web.archive.org/web/20171123041449/http://www.securityfocus.com/bid/101893"],"source_kind":"github","identifiers":["GHSA-6x77-rpqf-j6mw","CVE-2017-1000189"],"repository_url":"https://github.com/mde/ejs","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.5.5","vulnerable_version_range":"\u003c 2.5.5"}],"ecosystem":"npm","package_name":"ejs"}],"created_at":"2022-12-21T16:13:37.638Z","updated_at":"2023-09-08T21:00:30.000Z","epss_percentage":0.00913,"epss_percentile":0.74541},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3NXYtcDU0Yy1mNzR4","url":"https://github.com/advisories/GHSA-3w5v-p54c-f74x","title":"ejs is vulnerable to remote code execution due to weak input validation","description":"nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in `ejs.renderFile()` function","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2017-11-30T23:15:19.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-1000228","https://github.com/advisories/GHSA-3w5v-p54c-f74x","https://snyk.io/vuln/npm:ejs:20161128","https://web.archive.org/web/20171123041219/http://www.securityfocus.com/bid/101897"],"source_kind":"github","identifiers":["GHSA-3w5v-p54c-f74x","CVE-2017-1000228"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.5.5","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"npm","package_name":"ejs"}],"created_at":"2022-12-21T16:13:37.628Z","updated_at":"2025-06-04T01:11:13.851Z","epss_percentage":0.0718,"epss_percentile":0.91126},{"uuid":"GSA_kwCzR0hTQS1waHdxLWo5Nm0tMmMycc1A-A","url":"https://github.com/advisories/GHSA-phwq-j96m-2c2q","title":"ejs template injection vulnerability","description":"The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2022-04-26T00:00:40.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2022-29078","https://eslam.io/posts/ejs-server-side-template-injection-rce/","https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf","https://github.com/mde/ejs/releases","https://security.netapp.com/advisory/ntap-20220804-0001/","https://github.com/advisories/GHSA-phwq-j96m-2c2q"],"source_kind":"github","identifiers":["GHSA-phwq-j96m-2c2q","CVE-2022-29078"],"repository_url":"https://github.com/mde/ejs","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.1.7","vulnerable_version_range":"\u003c 3.1.7"}],"ecosystem":"npm","package_name":"ejs"}],"created_at":"2022-12-21T16:12:29.692Z","updated_at":"2023-01-30T05:02:57.000Z","epss_percentage":0.93462,"epss_percentile":0.99805},{"uuid":"GSA_kwCzR0hTQS1naHI1LWNoM3AtdmNyNs4AA7Xa","url":"https://github.com/advisories/GHSA-ghr5-ch3p-vcr6","title":"ejs lacks certain pollution protection","description":"The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2024-04-28T18:30:31.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.9,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2024-33883","https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5","https://github.com/mde/ejs/compare/v3.1.9...v3.1.10","https://security.netapp.com/advisory/ntap-20240605-0003","https://github.com/advisories/GHSA-ghr5-ch3p-vcr6"],"source_kind":"github","identifiers":["GHSA-ghr5-ch3p-vcr6","CVE-2024-33883"],"repository_url":"https://github.com/mde/ejs","blast_radius":42.678441958545754,"packages":[{"versions":[{"first_patched_version":"3.1.10","vulnerable_version_range":"\u003c 3.1.10"}],"ecosystem":"npm","package_name":"ejs"}],"created_at":"2024-05-01T09:05:16.331Z","updated_at":"2024-08-02T15:45:54.000Z","epss_percentage":0.00554,"epss_percentile":0.66715}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/ejs","docker_dependents_count":15585,"docker_downloads_count":3334471449,"usage_url":"https://repos.ecosyste.ms/usage/npm/ejs","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/ejs/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ejs/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ejs/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ejs/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ejs/related_packages","maintainers":[{"uuid":"mde","login":"mde","name":null,"email":"mde@fleegix.org","url":null,"packages_count":20,"html_url":"https://www.npmjs.com/~mde","role":null,"created_at":"2022-11-10T11:30:06.646Z","updated_at":"2022-11-10T11:30:06.646Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/mde/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5005316,"maintainers_count":1012639,"namespaces_count":295318,"keywords_count":699769,"github":"npm","metadata":{"funded_packages_count":150180},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-05T05:52:15.849Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":1526,"unique_repositories_count_past_30_days":14,"recent_issues":[{"uuid":"4626910441","node_id":"PR_kwDOBwapYs7koKE_","number":8855,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 34 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T00:59:51.000Z","updated_at":"2026-06-10T01:06:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":34,"packages":[{"name":"@apollo/gateway","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@apollo/subgraph","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@confluentinc/kafka-javascript","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/confluentinc/confluent-kafka-javascript"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.7","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@electron/packager","old_version":"20.0.0","new_version":"20.0.1","repository_url":"https://github.com/electron/packager"},{"name":"@google-cloud/pubsub","old_version":"5.3.0","new_version":"5.3.1","repository_url":"https://github.com/googleapis/google-cloud-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@koa/router","old_version":"15.5.0","new_version":"15.6.0","repository_url":"https://github.com/koajs/router"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.2","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"axios","old_version":"1.16.1","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.3","repository_url":"https://github.com/electron/electron"},{"name":"graphql","old_version":"16.14.0","new_version":"16.14.1","repository_url":"https://github.com/graphql/graphql-js"},{"name":"graphql-yoga","old_version":"5.21.0","new_version":"5.21.1","repository_url":"https://github.com/graphql-hive/graphql-yoga"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"next","old_version":"16.2.6","new_version":"16.2.7","repository_url":"https://github.com/vercel/next.js"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"oracledb","old_version":"6.10.0","new_version":"7.0.0","repository_url":"https://github.com/oracle/node-oracledb"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.5.2","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"undici","old_version":"8.3.0","new_version":"8.4.0","repository_url":"https://github.com/nodejs/undici"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 34 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@apollo/gateway](https://github.com/apollographql/federation/tree/HEAD/gateway-js) | `2.14.0` | `2.14.1` |\n| [@apollo/subgraph](https://github.com/apollographql/federation/tree/HEAD/subgraph-js) | `2.14.0` | `2.14.1` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@confluentinc/kafka-javascript](https://github.com/confluentinc/confluent-kafka-javascript) | `1.9.0` | `1.9.1` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.7` |\n| [@electron/packager](https://github.com/electron/packager) | `20.0.0` | `20.0.1` |\n| [@google-cloud/pubsub](https://github.com/googleapis/google-cloud-node/tree/HEAD/handwritten/pubsub) | `5.3.0` | `5.3.1` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@koa/router](https://github.com/koajs/router) | `15.5.0` | `15.6.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.2` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.78.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.3` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.14.0` | `16.14.1` |\n| [graphql-yoga](https://github.com/graphql-hive/graphql-yoga/tree/HEAD/packages/graphql-yoga) | `5.21.0` | `5.21.1` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [oracledb](https://github.com/oracle/node-oracledb) | `6.10.0` | `7.0.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.5.2` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.6.1` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [undici](https://github.com/nodejs/undici) | `8.3.0` | `8.4.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@apollo/gateway` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/gateway's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/gateway\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/gateway-js/CHANGELOG.md\"\u003e@​apollo/gateway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/cdc1810d1b9ec8cab06c1a38ca1ba8c019abd316\"\u003e\u003ccode\u003ecdc1810\u003c/code\u003e\u003c/a\u003e Update gateway tracing name to match ingestion side expectations (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3446\"\u003e#3446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/d9c721c5a93220c59970beb5750ef86044b52a10\"\u003e\u003ccode\u003ed9c721c\u003c/code\u003e\u003c/a\u003e Pass scope version as a separate argument in telemetry instantiation (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3439\"\u003e#3439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/gateway@2.14.1/gateway-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/subgraph` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/subgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/subgraph\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/subgraph-js/CHANGELOG.md\"\u003e@​apollo/subgraph's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/subgraph-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/subgraph@2.14.1/subgraph-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@confluentinc/kafka-javascript` from 1.9.0 to 1.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/releases\"\u003e@​confluentinc/kafka-javascript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003ev1.9.1-rc1 is a maintenance release candidate. It is not supported.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2-RC3. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2-RC3\"\u003elibrdkafka v2.14.2-RC3 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returns undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/blob/master/CHANGELOG.md\"\u003e@​confluentinc/kafka-javascript's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003econfluent-kafka-javascript 1.9.1\u003c/h1\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/cf4cf8fff87d9e62e50ba341ec4edc8c34d6704f\"\u003e\u003ccode\u003ecf4cf8f\u003c/code\u003e\u003c/a\u003e v1.9.1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/494\"\u003e#494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/1c06ed05847d5e60b9b3e323a688edab857e4946\"\u003e\u003ccode\u003e1c06ed0\u003c/code\u003e\u003c/a\u003e v1.9.1-rc1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/493\"\u003e#493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/eacb098cc1b45bcfa8040fc94ee9d1d7fcb3fb31\"\u003e\u003ccode\u003eeacb098\u003c/code\u003e\u003c/a\u003e [fix] pass string as first arg to user logger on error events (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/9357d60067604e9fc581f0eba90183a00c2c0ff5\"\u003e\u003ccode\u003e9357d60\u003c/code\u003e\u003c/a\u003e NONJAVACLI-4353: bump axios and pin transitive deps for CVE fixes (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/ce56a23219c03893b5efe6c8054ef4a7d72eecbe\"\u003e\u003ccode\u003ece56a23\u003c/code\u003e\u003c/a\u003e Resolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/59e32516fc5ad585ca6fd03fff0d9fd92a5665d8\"\u003e\u003ccode\u003e59e3251\u003c/code\u003e\u003c/a\u003e fix(package.json): correct broken \u0026quot;types\u0026quot; path (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/f92eace3bb1d631f0779b94875f82b85de82d4a6\"\u003e\u003ccode\u003ef92eace\u003c/code\u003e\u003c/a\u003e [Typescript] Fix \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type from \u003ccode\u003e|| undefined\u003c/code\u003e to `|...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/2e82d006febcca3fb73be53d3ae9ed6d81abe733\"\u003e\u003ccode\u003e2e82d00\u003c/code\u003e\u003c/a\u003e Fix the typescript return type for admin.describeGroups() per \u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/488\"\u003e#488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/685bdb2f125e33f9349af00596c878b05e69e693\"\u003e\u003ccode\u003e685bdb2\u003c/code\u003e\u003c/a\u003e Correct the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/486\"\u003e#486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/6ef5fd264bafd7dcbb7247f045fb7d86547e4055\"\u003e\u003ccode\u003e6ef5fd2\u003c/code\u003e\u003c/a\u003e DGS-24227 Preserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/compare/v1.9.0...v1.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.7\u003c/h2\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emark timed-out nodes dead when retryOnTimeout is false by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/382\"\u003eelastic/elastic-transport-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/65a258563e0cd7d1f4c8aff6f66ba60ef0b8dad3\"\u003e\u003ccode\u003e65a2585\u003c/code\u003e\u003c/a\u003e fix: mark timed-out nodes dead when retryOnTimeout is false (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/68389bab3b4e0388f62dd1226f86c259bc88e059\"\u003e\u003ccode\u003e68389ba\u003c/code\u003e\u003c/a\u003e chore(deps): pin actions/github-script action to f28e40c (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a657bd6e4a1dc95242a228f1eece39cf9d34e08c\"\u003e\u003ccode\u003ea657bd6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to 8530f76 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/668d8050d7fb83d381a352f08fbfd572f014dcae\"\u003e\u003ccode\u003e668d805\u003c/code\u003e\u003c/a\u003e ci: add AI backport resolver (gh-aw prompt + issue_comment trigger) (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/4fe6d59752f56ce7dd0e02514c108a0f299b8e02\"\u003e\u003ccode\u003e4fe6d59\u003c/code\u003e\u003c/a\u003e ci: point to clients-team-automations instead of devtools (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/eaca5eb8c049ef3b1e73f0205e89ca3d2c4bdcd0\"\u003e\u003ccode\u003eeaca5eb\u003c/code\u003e\u003c/a\u003e fix: remove non-ASCII characters causing workflow parse failure (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/375\"\u003e#375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/ca6bf3fe78a469016fa3b135734822488e697bd5\"\u003e\u003ccode\u003eca6bf3f\u003c/code\u003e\u003c/a\u003e ci: replace thin caller with full AI backport resolver workflow (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@electron/packager` from 20.0.0 to 20.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/packager/releases\"\u003e@​electron/packager's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003e20.0.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eswap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e) (\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e0ff6c2a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e\u003ccode\u003e0ff6c2a\u003c/code\u003e\u003c/a\u003e fix: swap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0076a3658e19470f836dae4fd5accbf7dff896a9\"\u003e\u003ccode\u003e0076a36\u003c/code\u003e\u003c/a\u003e chore: bump vitest from 3.2.4 to 4.1.0 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0413a0907368e68530c027c18cb62e3bcfc81f3\"\u003e\u003ccode\u003eb0413a0\u003c/code\u003e\u003c/a\u003e chore: bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1915\"\u003e#1915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/eed530c1afba2ede9e9f356ec2001668f35adbe6\"\u003e\u003ccode\u003eeed530c\u003c/code\u003e\u003c/a\u003e ci: add a GitHub Actions Completed job (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1914\"\u003e#1914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0eb94de5be7cd96780d948e91374d916fa723bf\"\u003e\u003ccode\u003eb0eb94d\u003c/code\u003e\u003c/a\u003e build(dev-deps): drop tsx (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1908\"\u003e#1908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/56f519fb32d478896996e80177dc85e5d7a6489f\"\u003e\u003ccode\u003e56f519f\u003c/code\u003e\u003c/a\u003e build: remove parse-author dependency (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1912\"\u003e#1912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/23cb235c1ea8fead4597664cd62bdfdeccb73c9f\"\u003e\u003ccode\u003e23cb235\u003c/code\u003e\u003c/a\u003e chore: bump ip-address from 10.0.1 to 10.1.1 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1913\"\u003e#1913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/feb3114f21d96f3424fed6fc0e0199fb81bba2c0\"\u003e\u003ccode\u003efeb3114\u003c/code\u003e\u003c/a\u003e chore: bump the non-major-version-updates group with 4 updates (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1911\"\u003e#1911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/555715325a2d9ac31f8759ce77fdbdda15bb8d4d\"\u003e\u003ccode\u003e5557153\u003c/code\u003e\u003c/a\u003e chore: bump postcss from 8.5.6 to 8.5.10 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1910\"\u003e#1910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/d71c96bdecf90e18efb0236b0cd28dc1e6a37ba8\"\u003e\u003ccode\u003ed71c96b\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1909\"\u003e#1909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@google-cloud/pubsub` from 5.3.0 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/releases\"\u003e@​google-cloud/pubsub's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epubsub: v5.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/blob/main/handwritten/pubsub/CHANGELOG.md\"\u003e@​google-cloud/pubsub's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/google-cloud-node/commits/dns-v5.3.1/handwritten/pubsub\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@koa/router` from 15.5.0 to 15.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/router/releases\"\u003e@​koa/router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: drop node v20 from ci pipeline  b5f9b6c\u003c/li\u003e\n\u003cli\u003echore: update *.md docs files  d586f45\u003c/li\u003e\n\u003cli\u003echore: add more tests + bump deps  7148fd1\u003c/li\u003e\n\u003cli\u003efix: hide internal rest param from prefixed middleware  99a6ae6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ehttps://github.com/koajs/router/compare/v15.5.0...v15.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/5b989fe0e37a4e1044287ba3fc935f5d0d623702\"\u003e\u003ccode\u003e5b989fe\u003c/code\u003e\u003c/a\u003e v15.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/b5f9b6cee1e9822074ff45c7abaf7aab1743dc3a\"\u003e\u003ccode\u003eb5f9b6c\u003c/code\u003e\u003c/a\u003e ci: drop node v20 from ci pipeline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/d586f450ee0e92dd71ab995adfb1a535bcf55fba\"\u003e\u003ccode\u003ed586f45\u003c/code\u003e\u003c/a\u003e chore: update *.md docs files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/7148fd1491ca9b116cdf52fa3446d235539137f8\"\u003e\u003ccode\u003e7148fd1\u003c/code\u003e\u003c/a\u003e chore: add more tests + bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/99a6ae6a259cc26b8227288a99303b7bc7f597a1\"\u003e\u003ccode\u003e99a6ae6\u003c/code\u003e\u003c/a\u003e fix: hide internal rest param from prefixed middleware\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8855","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8855","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8855/packages"},{"uuid":"4626326568","node_id":"PR_kwDOD5BUU87kmR3_","number":2749,"state":"closed","title":"chore(deps): bump the backend group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-16T23:04:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T23:04:28.000Z","updated_at":"2026-06-16T23:04:04.000Z","time_to_close":604774,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"backend","update_count":10,"packages":[{"name":"axios","old_version":"1.15.0","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"juice","old_version":"11.1.1","new_version":"12.1.0","repository_url":"https://github.com/Automattic/juice"},{"name":"mjml","old_version":"4.18.0","new_version":"5.3.0","repository_url":"https://github.com/mjmlio/mjml"},{"name":"pg","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"twilio","old_version":"5.13.1","new_version":"6.0.2","repository_url":"https://github.com/twilio/twilio-node"},{"name":"typeorm","old_version":"0.3.26","new_version":"1.0.0","repository_url":"https://github.com/typeorm/typeorm"},{"name":"typescript","old_version":"4.9.5","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"jest","old_version":"29.7.0","new_version":"30.4.2","repository_url":"https://github.com/jestjs/jest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend group with 10 updates in the /services/API-service directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.15.0` | `1.17.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [juice](https://github.com/Automattic/juice) | `11.1.1` | `12.1.0` |\n| [mjml](https://github.com/mjmlio/mjml/tree/HEAD/packages/mjml) | `4.18.0` | `5.3.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |\n| [twilio](https://github.com/twilio/twilio-node) | `5.13.1` | `6.0.2` |\n| [typeorm](https://github.com/typeorm/typeorm) | `0.3.26` | `1.0.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `4.9.5` | `6.0.3` |\n| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.4.2` |\n\n\nUpdates `axios` from 1.15.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4306df21e84332fc576e98c2de549347c06bfb76\"\u003e\u003ccode\u003e4306df2\u003c/code\u003e\u003c/a\u003e chore: add fun 88 sponsorship\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/931cc8f0106db4c9885403f85364b9e09ae1f6dc\"\u003e\u003ccode\u003e931cc8f\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.17.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/38ba1b3d2b0aa5ada0463a37a548feb83a84dfa1\"\u003e\u003ccode\u003e38ba1b3\u003c/code\u003e\u003c/a\u003e fix(fetch): support basic auth from URL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32e2515f1e09b649723e4acd89d920df13eee77e\"\u003e\u003ccode\u003e32e2515\u003c/code\u003e\u003c/a\u003e fix: replace ternary side effect in script (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/030e7223831b0f562af3eb7501b24242c8a4c5ba\"\u003e\u003ccode\u003e030e722\u003c/code\u003e\u003c/a\u003e chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ec63164ac6b7a1fcd6b742a8628d3fffe23ce001\"\u003e\u003ccode\u003eec63164\u003c/code\u003e\u003c/a\u003e chore: remove openspec (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3dec28f94ce29d396d5f2d9718805b47428dc7ab\"\u003e\u003ccode\u003e3dec28f\u003c/code\u003e\u003c/a\u003e fix(http): preserve TLS options for proxy tunnels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a2390a5c059342bcac2a5297728181dd9939f562\"\u003e\u003ccode\u003ea2390a5\u003c/code\u003e\u003c/a\u003e fix: correct isCancel type to narrow to CanceledError\u0026lt;T\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fa01b9255d71e72599826428bc6c60f34994c6ce\"\u003e\u003ccode\u003efa01b92\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d2314a1ac29ce6723eb53e130b4a36617fd201c\"\u003e\u003ccode\u003e2d2314a\u003c/code\u003e\u003c/a\u003e fix: AxiosHeaders \u003ccode\u003etoJSON()\u003c/code\u003e return types (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `date-fns` from 4.1.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/date-fns/date-fns/releases\"\u003edate-fns's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003cp\u003eThis release revisits the approach to CDN usage and introduces a new package, \u003ccode\u003e@date-fns/cdn\u003c/code\u003e and deprecates the \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts. It allowed reducing the zipped package size from \u003ccode\u003e5.83 MB\u003c/code\u003e down to \u003ccode\u003e3.96 MB\u003c/code\u003e without introducing any breaking changes.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003ev5.0.0-alpha.0\u003c/code\u003e where CDN scripts are completely removed from \u003ccode\u003edate-fns\u003c/code\u003e the change is more significant and brings the zipped package size down to \u003ccode\u003e2.89 MB\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIt is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDEPRECATED\u003c/strong\u003e: The \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package for CDN usage.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved CDN source maps to reduce the package size. If you rely on them, please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package that still includes them.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cp\u003eKudos to \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e for their contributions.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFixed missing modularized optimization fallback (\u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003efor Next.js and others\u003c/a\u003e). See \u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003e#4193\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ept\u003c/code\u003e locale first day of week to be Sunday. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4195\"\u003e#4195\u003c/a\u003e by \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ezh-CN\u003c/code\u003e, \u003ccode\u003ezh-HK\u003c/code\u003e, and \u003ccode\u003ezh-TW\u003c/code\u003e locale month parsing for October, November, and December. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4194\"\u003e#4194\u003c/a\u003e by \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release in all senses, it only includes documentation updates (first of many) that points to the new \u003ca href=\"https://date-fns.org/you-dont-need-date-fns\"\u003eYou Don't Need date-fns*\u003c/a\u003e page.\u003c/p\u003e\n\u003cp\u003e* Not really\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Temporal API references to the JSDoc annotations of \u003ccode\u003eadd\u003c/code\u003e, \u003ccode\u003eaddBusinessDays\u003c/code\u003e, and \u003ccode\u003eaddDays\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/cd53d2538cfa318404eff7ade6449b49bf34562e\"\u003e\u003ccode\u003ecd53d25\u003c/code\u003e\u003c/a\u003e Promote to v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/d948ec151d395096de8a45fbcd9b1e79c26fda25\"\u003e\u003ccode\u003ed948ec1\u003c/code\u003e\u003c/a\u003e Preserve but deprecate CDN versions for v4, set up v5 with polyfills\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/ee65753cfc5d73cc9acd43aaa8012b3b233ddf32\"\u003e\u003ccode\u003eee65753\u003c/code\u003e\u003c/a\u003e Add root \u003ccode\u003emise :format\u003c/code\u003e task\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/9f5bdf5d5a944772aa9668c4fa6567d89ca01fa9\"\u003e\u003ccode\u003e9f5bdf5\u003c/code\u003e\u003c/a\u003e Add positional argument to \u003ccode\u003etest/smoke.sh\u003c/code\u003e script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/651ead6faf331515814803faf457f5b9db7c9729\"\u003e\u003ccode\u003e651ead6\u003c/code\u003e\u003c/a\u003e Split CDN bundles into separate \u003ccode\u003e@​date-fns/cdn\u003c/code\u003e package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/224c1a209967dad359a2c2adc9a5b0ef72e4fe7b\"\u003e\u003ccode\u003e224c1a2\u003c/code\u003e\u003c/a\u003e Deprecate type tests as attw hangs on date-fns package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/7bb2842dac3d579f84b2de62f015335fb3ac734a\"\u003e\u003ccode\u003e7bb2842\u003c/code\u003e\u003c/a\u003e Switch \u003ccode\u003ePACKAGE_OUTPUT_PATH\u003c/code\u003e to \u003ccode\u003e--dist\u003c/code\u003e flag in the package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/b6ad5acc5ab0b40777a2695ec074c2ffcd982763\"\u003e\u003ccode\u003eb6ad5ac\u003c/code\u003e\u003c/a\u003e Add flags to control package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/424a783de1fd974bcdbe907c9c5eb5154e9db29f\"\u003e\u003ccode\u003e424a783\u003c/code\u003e\u003c/a\u003e Fix docs release after moving to monorepo setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/f95bcf18b53e6832b2c575c24c98654a24f52699\"\u003e\u003ccode\u003ef95bcf1\u003c/code\u003e\u003c/a\u003e (docs): Add missing \u003ccode\u003etsx\u003c/code\u003e dependency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/date-fns/date-fns/compare/v4.1.0...v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `juice` from 11.1.1 to 12.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/juice/releases\"\u003ejuice's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add data-juice-important attribute  7cb46ac\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Automattic/juice/compare/v12.0.0...v12.1.0\"\u003ehttps://github.com/Automattic/juice/compare/v12.0.0...v12.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch1\u003eJuice 12\u003c/h1\u003e\n\u003cp\u003eModernizes the entire stack: ESM-only, PostCSS-based parsers to support CSS Nesting + spec-correct selector specificity, Node 22.12+ floor, Vitest 4.\u003c/p\u003e\n\u003ch2\u003eBreaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJuice is now ESM-only.\u003c/strong\u003e CJS consumers on \u003cstrong\u003eNode ≥ 22.12\u003c/strong\u003e keep working transparently via Node's built-in \u003ccode\u003erequire(esm)\u003c/code\u003e interop. Older Node versions need to upgrade.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNode ≥ 22.12.0 required.\u003c/strong\u003e Drops support for Node 18 and Node 20. CI matrix is now Node 22, 24, 26.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBrowser\u003c/strong\u003e: \u003ccode\u003eclient.js\u003c/code\u003e is ESM. Modern bundlers (Vite, webpack 5, esbuild, Rollup, Parcel 2+) handle it via the \u003ccode\u003e\u0026quot;browser\u0026quot;\u003c/code\u003e condition in the \u003ccode\u003eexports\u003c/code\u003e map. \u003cstrong\u003eBrowserify is no longer supported\u003c/strong\u003e, it cannot parse ESM. README updated to point at modern bundlers.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS parser swapped\u003c/strong\u003e: \u003ccode\u003emensch\u003c/code\u003e → \u003ccode\u003epostcss\u003c/code\u003e + \u003ccode\u003epostcss-safe-parser\u003c/code\u003e. Selector parser swapped: \u003ccode\u003eslick\u003c/code\u003e → \u003ccode\u003epostcss-selector-parser\u003c/code\u003e. Both old libs were unmaintained since 2022. Inlining semantics unchanged; preserved-CSS output inside \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e blocks is now canonically formatted (mensch had quirks like \u003ccode\u003e;}\u003c/code\u003e squashed onto one line). 4 fixture \u003ccode\u003e.out\u003c/code\u003e files refreshed to match.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSpec-correct selector specificity\u003c/strong\u003e for \u003ccode\u003e:is()\u003c/code\u003e, \u003ccode\u003e:where()\u003c/code\u003e, \u003ccode\u003e:has()\u003c/code\u003e, \u003ccode\u003e:not()\u003c/code\u003e per CSS Selectors Level 4: \u003ccode\u003e:where(...)\u003c/code\u003e contributes 0, the others contribute \u003ccode\u003emax(spec(args))\u003c/code\u003e. Previously juice treated all four as a generic \u003ccode\u003e:pseudo\u003c/code\u003e and \u003ccode\u003e:not\u003c/code\u003e used \u0026quot;first arg only\u0026quot; (a slick legacy). Any cascade resolution that depended on the old quirks will produce different inlined styles.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ecommander\u003c/code\u003e upgraded to v14\u003c/strong\u003e, \u003cstrong\u003e\u003ccode\u003eentities\u003c/code\u003e upgraded to v8\u003c/strong\u003e (ESM-only), \u003cstrong\u003e\u003ccode\u003echeerio\u003c/code\u003e pinned to \u003ccode\u003e1.2.0\u003c/code\u003e\u003c/strong\u003e.\u003c/li\u003e\n\u003cli\u003eTypeScript declarations renamed \u003ccode\u003ejuice.d.ts → index.d.ts\u003c/code\u003e and restructured for ESM default-export resolution. Import as \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Nesting (Level 1) is supported.\u003c/strong\u003e Nested rules (\u003ccode\u003e.card { \u0026amp;:hover { ... } }\u003c/code\u003e), nested at-rules (\u003ccode\u003e.card { @media (...) { ... } }\u003c/code\u003e), the \u003ccode\u003e\u0026amp;\u003c/code\u003e parent selector, and bare nested selectors (per the 2023 CSSWG resolution) are flattened via \u003ccode\u003epostcss-nesting\u003c/code\u003e before inlining. Previously these were silently dropped. No behavior change for already-flat CSS.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@container\u003c/code\u003e and \u003ccode\u003e@layer\u003c/code\u003e at-rules are preserved\u003c/strong\u003e through inlining (mirrors how \u003ccode\u003e@media\u003c/code\u003e/\u003ccode\u003e@font-face\u003c/code\u003e/\u003ccode\u003e@keyframes\u003c/code\u003e already worked). New options \u003ccode\u003epreserveContainerQueries\u003c/code\u003e and \u003ccode\u003epreserveLayers\u003c/code\u003e default to \u003ccode\u003etrue\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eLong-standing crashes/hangs in \u003ccode\u003e:not(a, b, …)\u003c/code\u003e are gone\u003c/strong\u003e as a side effect of the parser swap — the underlying causes of \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/390\"\u003e#390\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/471\"\u003e#471\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/398\"\u003e#398\u003c/a\u003e were quirks in mensch/slick that don't exist in postcss.\u003c/li\u003e\n\u003cli\u003eTypeScript types ship via the \u003ccode\u003etypes\u003c/code\u003e condition in \u003ccode\u003eexports\u003c/code\u003e and resolve correctly under \u003ccode\u003enodenext\u003c/code\u003e module resolution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTooling\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTest runner: Mocha → Vitest 4\u003c/strong\u003e with \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e. New scripts: \u003ccode\u003enpm test\u003c/code\u003e, \u003ccode\u003enpm run test:watch\u003c/code\u003e, \u003ccode\u003enpm run coverage\u003c/code\u003e. The previously broken \u003ccode\u003etestcover\u003c/code\u003e script is gone.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCLI extraction\u003c/strong\u003e: \u003ccode\u003ebin/juice\u003c/code\u003e's logic moved into \u003ccode\u003elib/cli.js\u003c/code\u003e as a testable \u003ccode\u003ecli.run(argv, deps)\u003c/code\u003e with dependency injection. The bin itself is now a 3-line ESM shim.\u003c/li\u003e\n\u003cli\u003eTest files renamed: \u003ccode\u003ecli.js → cli.test.js\u003c/code\u003e, \u003ccode\u003etest.js → integration.test.js\u003c/code\u003e, \u003ccode\u003erun.js → cases.test.js\u003c/code\u003e. TypeScript test now uses a dedicated \u003ccode\u003etest/typescript/tsconfig.json\u003c/code\u003e with \u003ccode\u003enodenext\u003c/code\u003e resolution.\u003c/li\u003e\n\u003cli\u003eTest assertions migrated from Node's \u003ccode\u003eassert\u003c/code\u003e to Vitest's \u003ccode\u003eexpect\u003c/code\u003e: better failure diffs, more matchers, idiomatic.\u003c/li\u003e\n\u003cli\u003eRemoved devDependencies: \u003ccode\u003emocha\u003c/code\u003e, \u003ccode\u003eshould\u003c/code\u003e, \u003ccode\u003ebatch\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e. Added: \u003ccode\u003evitest\u003c/code\u003e, \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e, \u003ccode\u003epostcss\u003c/code\u003e, \u003ccode\u003epostcss-safe-parser\u003c/code\u003e, \u003ccode\u003epostcss-selector-parser\u003c/code\u003e, \u003ccode\u003epostcss-nesting\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMigration notes\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eScenario\u003c/th\u003e\n\u003cth\u003eAction needed\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eNode 18 or 20 user\u003c/td\u003e\n\u003ctd\u003eUpgrade to Node 22.12+\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003econst juice = require('juice')\u003c/code\u003e on Node ≥22.12\u003c/td\u003e\n\u003ctd\u003eNone, \u003ccode\u003erequire(esm)\u003c/code\u003e handles it\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003econst juice = require('juice')\u003c/code\u003e on older Node\u003c/td\u003e\n\u003ctd\u003eUpgrade Node, or switch to \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eTypeScript \u003ccode\u003eimport juice = require('juice')\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003eSwitch to \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003ejuice/client\u003c/code\u003e via Browserify\u003c/td\u003e\n\u003ctd\u003eSwitch bundler (Vite, webpack 5, esbuild, Rollup, Parcel 2+)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing \u003ccode\u003e:is/:where/:has\u003c/code\u003e in email CSS\u003c/td\u003e\n\u003ctd\u003eSpecificity is now per-spec; cascade may resolve differently\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing \u003ccode\u003e@container\u003c/code\u003e or \u003ccode\u003e@layer\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003eThey now pass through inlining instead of being silently dropped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing CSS Nesting\u003c/td\u003e\n\u003ctd\u003eWas silently dropped — now flattened and inlined correctly\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/juice/blob/master/CHANGELOG.md\"\u003ejuice's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eUnreleased\u003c/h1\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJuice is now ESM-only.\u003c/strong\u003e Consumers using \u003ccode\u003erequire('juice')\u003c/code\u003e from CJS on Node ≥ 22.12 will continue to work via Node's built-in \u003ccode\u003erequire(esm)\u003c/code\u003e interop. CJS consumers on older Node versions will need to migrate to \u003ccode\u003eimport\u003c/code\u003e or upgrade Node.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNode ≥ 22.12.0 required.\u003c/strong\u003e Dropped support for Node 18 and Node 20. CI now runs on Node 22, 24, and 26.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBrowser:\u003c/strong\u003e the package's \u003ccode\u003eclient.js\u003c/code\u003e entry is now ESM. Modern bundlers (Vite, webpack 5, esbuild, Rollup, Parcel 2+) handle it transparently via the \u003ccode\u003e\u0026quot;browser\u0026quot;\u003c/code\u003e condition in \u003ccode\u003eexports\u003c/code\u003e. \u003cstrong\u003eBrowserify is no longer supported\u003c/strong\u003e — it cannot parse ESM.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS parser replaced\u003c/strong\u003e: \u003ccode\u003emensch\u003c/code\u003e → \u003ccode\u003epostcss\u003c/code\u003e + \u003ccode\u003epostcss-safe-parser\u003c/code\u003e. Selector parser replaced: \u003ccode\u003eslick\u003c/code\u003e → \u003ccode\u003epostcss-selector-parser\u003c/code\u003e. Both old libs were unmaintained since 2022 and mis-handled modern CSS. Inlining behaviour is unchanged; preserved-CSS output inside \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e blocks is now canonically formatted (fixes mensch quirks like \u003ccode\u003e;}\u003c/code\u003e squashed on one line and \u003ccode\u003e0%,\\n100%\u003c/code\u003e selector splits).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSpecificity is now spec-correct for \u003ccode\u003e:is()\u003c/code\u003e, \u003ccode\u003e:where()\u003c/code\u003e, \u003ccode\u003e:has()\u003c/code\u003e, and \u003ccode\u003e:not()\u003c/code\u003e\u003c/strong\u003e (CSS Selectors Level 4). \u003ccode\u003e:where(...)\u003c/code\u003e contributes 0; \u003ccode\u003e:is(...)\u003c/code\u003e, \u003ccode\u003e:has(...)\u003c/code\u003e, and \u003ccode\u003e:not(...)\u003c/code\u003e contribute the maximum specificity across their arguments. Previously juice treated all four as a generic \u003ccode\u003e:pseudo\u003c/code\u003e and \u003ccode\u003e:not\u003c/code\u003e used \u0026quot;first argument only\u0026quot; (a slick legacy). Any cascade resolution that depended on the old quirks will produce different inlined styles.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@container\u003c/code\u003e and \u003ccode\u003e@layer\u003c/code\u003e at-rules are now preserved\u003c/strong\u003e through inlining (mirroring \u003ccode\u003e@media\u003c/code\u003e / \u003ccode\u003e@font-face\u003c/code\u003e / \u003ccode\u003e@keyframes\u003c/code\u003e). New options \u003ccode\u003epreserveContainerQueries\u003c/code\u003e and \u003ccode\u003epreserveLayers\u003c/code\u003e default to \u003ccode\u003etrue\u003c/code\u003e; pass \u003ccode\u003efalse\u003c/code\u003e to drop them. Note: \u003ccode\u003e@layer\u003c/code\u003e is preserved verbatim only — layer-aware cascade resolution is not implemented (email clients don't support layers anyway).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Nesting is now supported.\u003c/strong\u003e Nested rules (\u003ccode\u003e.card { \u0026amp;:hover { ... } }\u003c/code\u003e), nested at-rules (\u003ccode\u003e.card { @media (min-width: 600px) { ... } }\u003c/code\u003e), and the \u003ccode\u003e\u0026amp;\u003c/code\u003e parent selector are flattened via \u003ccode\u003epostcss-nesting\u003c/code\u003e before inlining. Previously, nested rules were silently dropped during parsing. No behaviour change for already-flat CSS.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecommander\u003c/code\u003e upgraded to v14. Positional CLI arguments are now declared explicitly via \u003ccode\u003e.argument()\u003c/code\u003e (commander v14 errors on excess undeclared args).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eentities\u003c/code\u003e upgraded to v8 (ESM-only).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003echeerio\u003c/code\u003e pinned to \u003ccode\u003e1.2.0\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTypeScript declarations renamed \u003ccode\u003ejuice.d.ts → index.d.ts\u003c/code\u003e and restructured for ESM default-export resolution (\u003ccode\u003eimport juice from 'juice'\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eTest runner migrated from Mocha to \u003cstrong\u003eVitest 4\u003c/strong\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003enpm test\u003c/code\u003e now runs \u003ccode\u003evitest run --coverage \u0026amp;\u0026amp; npm run test-typescript\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003enpm run coverage\u003c/code\u003e script using \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e (replaces the previously broken \u003ccode\u003etestcover\u003c/code\u003e script).\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003enpm run test:watch\u003c/code\u003e for interactive development.\u003c/li\u003e\n\u003cli\u003eTest files renamed: \u003ccode\u003etest/cli.js → test/cli.test.js\u003c/code\u003e, \u003ccode\u003etest/test.js → test/integration.test.js\u003c/code\u003e, \u003ccode\u003etest/run.js → test/cases.test.js\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebin/juice\u003c/code\u003e extracted: the CLI logic now lives in \u003ccode\u003elib/cli.js\u003c/code\u003e as a testable \u003ccode\u003ecli.run(argv, deps)\u003c/code\u003e function with dependency injection. The bin itself is a 3-line ESM shim.\u003c/li\u003e\n\u003cli\u003eTypeScript test now uses a dedicated \u003ccode\u003etest/typescript/tsconfig.json\u003c/code\u003e with \u003ccode\u003enodenext\u003c/code\u003e module resolution.\u003c/li\u003e\n\u003cli\u003eRemoved devDependencies: \u003ccode\u003emocha\u003c/code\u003e, \u003ccode\u003eshould\u003c/code\u003e, \u003ccode\u003ebatch\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e. Added: \u003ccode\u003evitest\u003c/code\u003e, \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epackage.json\u003c/code\u003e now declares \u003ccode\u003e\u0026quot;type\u0026quot;: \u0026quot;module\u0026quot;\u003c/code\u003e and an \u003ccode\u003e\u0026quot;exports\u0026quot;\u003c/code\u003e map with \u003ccode\u003etypes\u003c/code\u003e / \u003ccode\u003ebrowser\u003c/code\u003e / \u003ccode\u003edefault\u003c/code\u003e conditions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/54c05d23b219615d8dabdffcd98f6f0788189936\"\u003e\u003ccode\u003e54c05d2\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/20182771a9c64d7e47eb5453b8927c53372bf71e\"\u003e\u003ccode\u003e2018277\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/620\"\u003e#620\u003c/a\u003e from Automattic/feat/data-juice-important\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/7cb46ac1e92b240676b4fe06b0ae8bfe0e62bc80\"\u003e\u003ccode\u003e7cb46ac\u003c/code\u003e\u003c/a\u003e feat: add data-juice-important attribute\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/5afeb2123a3ce7112696fa665de308f4d9288c48\"\u003e\u003ccode\u003e5afeb21\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/aafcd9433c90db4fa63d5d40b3b253f54a12f41f\"\u003e\u003ccode\u003eaafcd94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/612\"\u003e#612\u003c/a\u003e from Automattic/juice-12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/ac5f477308e1b75697a8b1a694ec568efa7ea653\"\u003e\u003ccode\u003eac5f477\u003c/code\u003e\u003c/a\u003e 12.0.0-beta.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/7c4e39487a6abf4597eb13ea94bfc2bcb4c01ed2\"\u003e\u003ccode\u003e7c4e394\u003c/code\u003e\u003c/a\u003e feat: add data-juice-duplicates attribute\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/826aa05c9202bb31efaa2f992683f03706039dbc\"\u003e\u003ccode\u003e826aa05\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into juice-12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/40744f449b314394a7e72e3d46b2b24c9252cf37\"\u003e\u003ccode\u003e40744f4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/617\"\u003e#617\u003c/a\u003e from Automattic/dependabot/npm_and_yarn/qs-6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/f668dba007019d4442cb86654cca95020c11c706\"\u003e\u003ccode\u003ef668dba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/616\"\u003e#616\u003c/a\u003e from Automattic/dependabot/npm_and_yarn/js-yaml-4.2.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/juice/compare/v11.1.1...v12.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mjml` from 4.18.0 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mjmlio/mjml/releases\"\u003emjml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolved numerous production security vulnerabilities by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3089\"\u003emjmlio/mjml#3089\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened dependency graph, upgraded CLI watcher stack, CLI watch behaviour fix by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3093\"\u003emjmlio/mjml#3093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReverted glob to earlier version solving Lerna conflict, upgraded js-cookie by \u003ca href=\"https://github.com/totocap\"\u003e\u003ccode\u003e@​totocap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3101\"\u003emjmlio/mjml#3101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgraded checkout/setup-node actions and set Node24 JS actions runtime by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3097\"\u003emjmlio/mjml#3097\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed minor typo in docs by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3098\"\u003emjmlio/mjml#3098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.2...v5.3.0\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.2...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIn CLI, relative \u003ccode\u003eincludePath\u003c/code\u003e entries are now resolved against \u003ccode\u003eprocess.cwd()\u003c/code\u003e before being passed to \u003ccode\u003emjml-core\u003c/code\u003e, so e.g. \u003ccode\u003e--config.includePath '[\u0026quot;layouts\u0026quot;]\u003c/code\u003e' works correctly when the template lives in a subdirectory by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduced warnings on denied mj-includes for CLI by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated documentation by adding an important message concerning the switch in \u003ccode\u003eallowIncludes\u003c/code\u003e (CLI) \u003ccode\u003eignoreIncludes\u003c/code\u003e (Node) by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.1...v5.2.2\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.1...v5.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emj-accordion\u003c/code\u003e elements were closed by default in new versions of Outlook by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3088\"\u003emjmlio/mjml#3088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eWe've updated the beautification process in MJML and are moving back to js-beautify.\u003c/p\u003e\n\u003cp\u003eAs part of MJML 5, we introduced changes to the beautification stack, including replacing js-beautify with Prettier and later Biome. While these changes addressed earlier dependency concerns (which are no longer present), they also introduced performance and output issues for some users, including significantly slower processing times in certain environments.\u003c/p\u003e\n\u003cp\u003eOur priority right now is stability and predictable output, so we're reverting to the long-standing but updated js-beautify implementation while we continue evaluating longer-term improvements to the beautification pipeline.\u003c/p\u003e\n\u003cp\u003eThanks to everyone who reported issues and shared feedback over the last few weeks, it helped us identify and resolve the problems much faster.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/d236786b347dd9366acfb2e1cb1a8d7cbe280804\"\u003e\u003ccode\u003ed236786\u003c/code\u003e\u003c/a\u003e v5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/e810f15d526597e1c256f07c76848b4631e30f8e\"\u003e\u003ccode\u003ee810f15\u003c/code\u003e\u003c/a\u003e chore(deps,cli,ci): harden dependency graph and add watch/packaging regressions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/ca71423f656e0be316327bfdf49ccbfcdf92b858\"\u003e\u003ccode\u003eca71423\u003c/code\u003e\u003c/a\u003e fix(dependencies): resolve security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/6c109f634f610f952650d2c1edbcb481ac92730c\"\u003e\u003ccode\u003e6c109f6\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/d23232825cf634b92b9f24742b7b3a9042185c32\"\u003e\u003ccode\u003ed232328\u003c/code\u003e\u003c/a\u003e fix(mjml-cli): resolve includePath from cwd, warn on denied/ignored mj-include\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/175f954712d71cdfabaf685f5727f446f2401084\"\u003e\u003ccode\u003e175f954\u003c/code\u003e\u003c/a\u003e v5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/7ba15a2a08991f1c0eedcd0faed5c566f0c937fb\"\u003e\u003ccode\u003e7ba15a2\u003c/code\u003e\u003c/a\u003e v5.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/ecfdf440c5033b3e29b6502744b88ceb219e352b\"\u003e\u003ccode\u003eecfdf44\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/mjmlio/mjml/tree/HEAD/packages/mjml/issues/3084\"\u003e#3084\u003c/a\u003e from mjmlio/bugfix/handle-async-watch-compilation-in-v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/7bcbe0a0eb4c5cbce74faa800d60798e1f38b40f\"\u003e\u003ccode\u003e7bcbe0a\u003c/code\u003e\u003c/a\u003e bugfix(mjml-cli): handle async watch compilation in v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/07f2e9909ced57b5c55d2bd96e525bf6b59f45ee\"\u003e\u003ccode\u003e07f2e99\u003c/code\u003e\u003c/a\u003e v5.2.0-beta.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mjmlio/mjml/commits/v5.3.0/packages/mjml\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pg` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md\"\u003epg's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epg@8.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3521\"\u003eSASL SCRAM\u003c/a\u003e server error responses properly.\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3667\"\u003enode@26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escramMaxIterations\u003c/code\u003e \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3677\"\u003econfig option\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eclient.getTransactionStatus()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3645\"\u003emethod\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/544b1ce8152bc280e398dc1e8a66920abe6a640e\"\u003e\u003ccode\u003e544b1ce\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/cc03fa5cdf0f1e67b2518ebad5cf2269206aa49c\"\u003e\u003ccode\u003ecc03fa5\u003c/code\u003e\u003c/a\u003e Add scramMaxIterations option to limit SCRAM iteration count (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3677\"\u003e#3677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/f776327b3fcdd997c67e866ef7c620ef9c26b3f2\"\u003e\u003ccode\u003ef776327\u003c/code\u003e\u003c/a\u003e Remove compatibility code for unsupported versions of Node (\u0026lt;16) (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3678\"\u003e#3678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/f252870eba73c15449b57562e6698b5859e32095\"\u003e\u003ccode\u003ef252870\u003c/code\u003e\u003c/a\u003e cleanup: pg utils (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3675\"\u003e#3675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/c8da6ab9326d93005e6947217cf665f707e08ec7\"\u003e\u003ccode\u003ec8da6ab\u003c/code\u003e\u003c/a\u003e Assorted test cleanup (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3673\"\u003e#3673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/fa47e73349786c2a76db98801d60c05371b0a906\"\u003e\u003ccode\u003efa47e73\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003eClient#end\u003c/code\u003e callback being called multiple times when first is no-op (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/88a7e60c7191ce8061d6276b299895bf5511e042\"\u003e\u003ccode\u003e88a7e60\u003c/code\u003e\u003c/a\u003e cleanup: Move declaration to more natural place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/2095247a7b10ebe19cd7d518e07ee2f259dda70a\"\u003e\u003ccode\u003e2095247\u003c/code\u003e\u003c/a\u003e cleanup: Combine duplicated code in \u003ccode\u003eClient#query\u003c/code\u003e and avoid unneeded early n...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/0ac3eddef6481f4e4f9359c65d3c0cfd7d2124e1\"\u003e\u003ccode\u003e0ac3edd\u003c/code\u003e\u003c/a\u003e fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3669\"\u003e#3669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/be880d45552269f0b847a3e568014bde6536eae3\"\u003e\u003ccode\u003ebe880d4\u003c/code\u003e\u003c/a\u003e Assorted test fixes and cleanup (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3672\"\u003e#3672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `twilio` from 5.13.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/releases\"\u003etwilio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003cstrong\u003eRelease Notes\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eConversations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate actions api visibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-05-07\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003einclude store api\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ca href=\"https://twilio.com/docs/libraries/reference/twilio-node/6.0.2/index.html\"\u003eDocs\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003cstrong\u003eRelease Notes\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eTwiml\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSet \u003ccode\u003erecording_configuration_id\u003c/code\u003e attribute to public visibility in \u003ccode\u003e\u0026lt;Conference\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Dial\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Record\u0026gt;\u003c/code\u003e verbs and \u003ccode\u003e\u0026lt;Recording\u0026gt;\u003c/code\u003e noun\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApi\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAuthy\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003ev1\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eAdded Authy API v1 under \u003ccode\u003e/v1\u003c/code\u003e — initial onboarding of Public API (\u003ccode\u003e/v1/protected/*\u003c/code\u003e), Device API (\u003ccode\u003e/v1/json/*\u003c/code\u003e), and Dashboard API (\u003ccode\u003e/v1/dashboard/*\u003c/code\u003e) behind REST Proxy using transparent proxy mode.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData-ingress\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eCreateDataSync\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteCloudAppDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteWarehouseDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-20\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eMinor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-17\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eupdated operationId for dataplane APIs,Minor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-15\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003elibraryVisibility to private\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdded 1 new path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/v1/DataSyncs/Latest\u003c/code\u003e (GetLatestDataSyncs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eRemove Prefer/Async-Operation headers\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/CHANGES.md\"\u003etwilio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2026-05-07] Version 6.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eConversations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate actions api visibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-05-07\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003einclude store api\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2026-05-06] Version 6.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eTwiml\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSet \u003ccode\u003erecording_configuration_id\u003c/code\u003e attribute to public visibility in \u003ccode\u003e\u0026lt;Conference\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Dial\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Record\u0026gt;\u003c/code\u003e verbs and \u003ccode\u003e\u0026lt;Recording\u0026gt;\u003c/code\u003e noun\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApi\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAuthy\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003ev1\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eAdded Authy API v1 under \u003ccode\u003e/v1\u003c/code\u003e — initial onboarding of Public API (\u003ccode\u003e/v1/protected/*\u003c/code\u003e), Device API (\u003ccode\u003e/v1/json/*\u003c/code\u003e), and Dashboard API (\u003ccode\u003e/v1/dashboard/*\u003c/code\u003e) behind REST Proxy using transparent proxy mode.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData-ingress\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eCreateDataSync\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteCloudAppDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteWarehouseDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-20\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eMinor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-17\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eupdated operationId for dataplane APIs,Minor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-15\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003elibraryVisibility to private\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdded 1 new path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/v1/DataSyncs/Latest\u003c/code\u003e (GetLatestDataSyncs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eRemove Prefer/Async-Operation headers\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eAdded 301 response for \u003ccode\u003eListIdentifiers\u003c/code\u003e and \u003ccode\u003eGetIdentifier\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded 308 response for \u003ccode\u003eDeleteProfile\u003c/code\u003e, \u003ccode\u003eCreateIdentifier\u003c/code\u003e, \u003ccode\u003ePatchIdentifier\u003c/code\u003e, and \u003ccode\u003eDeleteIdentifier\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eModified 1 path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eUpgrade guide\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/UPGRADE.md\"\u003etwilio's upgrade guide\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eUpgrade Guide\u003c/h1\u003e\n\u003cp\u003e\u003cem\u003eAll \u003ccode\u003eMAJOR\u003c/code\u003e version bumps will have upgrade notes posted here.\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003e[2026-04-20] 5.x.x to 6.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003ch3\u003eOverview\u003c/h3\u003e\n\u003cp\u003eTwilio Node Helper Library’s major version 6.0.0 is now available. We ensured that you can upgrade to Node Helper Library 6.0.0 version without any breaking changes to existing APIs.\u003c/p\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eMinimum Node.js version raised to 20\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Node.js versions below 20\u003c/li\u003e\n\u003cli\u003eUpgrade to Node.js \u0026gt;= 20 before updating to \u003ccode\u003etwilio\u003c/code\u003e 6.x.x\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2024-03-07] 4.x.x to 5.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003ch3\u003eOverview\u003c/h3\u003e\n\u003ch4\u003eTwilio Node Helper Library’s major version 5.0.0 is now available. We ensured that you can upgrade to Node helper Library 5.0.0 version without any breaking changes of existing apis\u003c/h4\u003e\n\u003cp\u003eBehind the scenes Node Helper is now auto-generated via OpenAPI with this release. This enables us to rapidly add new features and enhance consistency across versions and languages.\nWe're pleased to inform you that version 5.0.0 adds support for the application/json content type in the request body.\u003c/p\u003e\n\u003ch2\u003e[2023-01-25] 3.x.x to 4.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node.js versions updated\n\u003cul\u003e\n\u003cli\u003eUpgrade to Node.js \u0026gt;= 14\u003c/li\u003e\n\u003cli\u003eDropped support for Node.js \u0026lt; 14 (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Node.js 18 (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/794\"\u003e#794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eLazy loading enabled by default (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/752\"\u003e#752\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eRequired Twilio modules now lazy load by default\u003c/li\u003e\n\u003cli\u003eSee the \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/README.md#lazy-loading\"\u003eREADME\u003c/a\u003e for how to disable lazy loading\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eType changes from \u003ccode\u003eobject\u003c/code\u003e to \u003ccode\u003eRecord\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/873\"\u003e#873\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eCertain response properties now use the \u003ccode\u003eRecord\u003c/code\u003e type with \u003ccode\u003estring\u003c/code\u003e keys\u003c/li\u003e\n\u003cli\u003eIncluding the \u003ccode\u003esubresourceUris\u003c/code\u003e property for v2010 APIs and the \u003ccode\u003elinks\u003c/code\u003e properties for non-v2010 APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAccess Tokens\n\u003cul\u003e\n\u003cli\u003eCreating an \u003ca href=\"https://www.twilio.com/docs/iam/access-tokens\"\u003eAccessToken\u003c/a\u003e requires an \u003ccode\u003eidentity\u003c/code\u003e in the options (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/875\"\u003e#875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eConversationsGrant\u003c/code\u003e has been deprecated in favor of \u003ccode\u003eVoiceGrant\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIpMessagingGrant\u003c/code\u003e has been removed (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eTwiML function deprecations (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/788\"\u003e#788\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.twilio.com/docs/voice/twiml/refer\"\u003e\u003ccode\u003e\u0026lt;Refer\u0026gt;\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eRefer.referSip()\u003c/code\u003e replaced by \u003ccode\u003eRefer.sip()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.twilio.com/docs/voice/twiml/say/text-speech#generating-ssml-via-helper-libraries\"\u003e\u003ccode\u003e\u0026lt;Say\u0026gt;\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSay.ssmlBreak()\u003c/code\u003e and \u003ccode\u003eSay.break_()\u003c/code\u003e replaced by \u003ccode\u003eSay.break()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSay.ssmlEmphasis()\u003c/code\u003e replaced by \u003ccode\u003eSay.emphasis()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/e9e546985dcc293e4f71888160725739e7b28c37\"\u003e\u003ccode\u003ee9e5469\u003c/code\u003e\u003c/a\u003e Release 6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/fd93dfa35ac018b0e5b952d83a46165cb9ffe6d7\"\u003e\u003ccode\u003efd93dfa\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 18d7938080...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/c4d7168c9aca1e5e87cd7fa524e5f70233448d6d\"\u003e\u003ccode\u003ec4d7168\u003c/code\u003e\u003c/a\u003e Release 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/04a89ce606cb756b66bc94a57224f700afd3ce59\"\u003e\u003ccode\u003e04a89ce\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 e2fda0239d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/d6b406f7fbe54f49448eb4ddb6f39e4be8429cb0\"\u003e\u003ccode\u003ed6b406f\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ 40ca64a22aef42a337cb49d1d4e4c4f48ae3b6e4 21ed5806ef...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/3e96b64bd245d506a8fc450d0d34ab18c459eae6\"\u003e\u003ccode\u003e3e96b64\u003c/code\u003e\u003c/a\u003e chore: mvr 6.0.0 release prep (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/issues/1186\"\u003e#1186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/447a23d308f2df937ba924c4bd1f7062ff21a281\"\u003e\u003ccode\u003e447a23d\u003c/code\u003e\u003c/a\u003e Release 5.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/6267242ba7219e78decf2156c84db8a78dfc3a4c\"\u003e\u003ccode\u003e6267242\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ 40ca64a22aef42a337cb49d1d4e4c4f48ae3b6e4 21ed5806ef...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/twilio/twilio-node/compare/5.13.1...6.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typeorm` from 0.3.26 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typeorm/typeorm/releases\"\u003etypeorm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.0.0\u003c/h2\u003e\n\u003cp\u003eTypeORM v1.0 is here! 🥳\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e👉 For a structured walk-through of the changes in v1.0 — breaking changes, new features, security fixes, and the upgrade path from 0.3.x — see the \u003ca href=\"https://typeorm.io/docs/releases/1.0/release-notes\"\u003ev1.0 Release Notes\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eThis release includes breaking changes. See the \u003ca href=\"https://typeorm.io/docs/releases/1.0/upgrading-from-0.3\"\u003ev1.0 Upgrade Guide\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: include joined entity primary keys in pagination subquery by \u003ca href=\"https://github.com/mag123c\"\u003e\u003ccode\u003e@​mag123c\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/typeorm/typeorm/pull/11669\"\u003etypeorm/typeorm#11669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(postgres): add support for PostgreSQL indices by...\n\n_Description has been truncated_","html_url":"https://github.com/rodekruis/IBF-system/pull/2749","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodekruis%2FIBF-system/issues/2749","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2749/packages"},{"uuid":"4609314824","node_id":"PR_kwDOBwapYs7juBlo","number":8833,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 33 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T01:00:18.000Z","updated_at":"2026-06-08T01:06:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":33,"packages":[{"name":"@apollo/gateway","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@apollo/subgraph","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@confluentinc/kafka-javascript","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/confluentinc/confluent-kafka-javascript"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.7","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@electron/packager","old_version":"20.0.0","new_version":"20.0.1","repository_url":"https://github.com/electron/packager"},{"name":"@google-cloud/pubsub","old_version":"5.3.0","new_version":"5.3.1","repository_url":"https://github.com/googleapis/google-cloud-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@koa/router","old_version":"15.5.0","new_version":"15.6.0","repository_url":"https://github.com/koajs/router"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"axios","old_version":"1.16.1","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.3","repository_url":"https://github.com/electron/electron"},{"name":"graphql","old_version":"16.14.0","new_version":"16.14.1","repository_url":"https://github.com/graphql/graphql-js"},{"name":"graphql-yoga","old_version":"5.21.0","new_version":"5.21.1","repository_url":"https://github.com/graphql-hive/graphql-yoga"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"next","old_version":"16.2.6","new_version":"16.2.7","repository_url":"https://github.com/vercel/next.js"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"oracledb","old_version":"6.10.0","new_version":"7.0.0","repository_url":"https://github.com/oracle/node-oracledb"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.5.1","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 33 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@apollo/gateway](https://github.com/apollographql/federation/tree/HEAD/gateway-js) | `2.14.0` | `2.14.1` |\n| [@apollo/subgraph](https://github.com/apollographql/federation/tree/HEAD/subgraph-js) | `2.14.0` | `2.14.1` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@confluentinc/kafka-javascript](https://github.com/confluentinc/confluent-kafka-javascript) | `1.9.0` | `1.9.1` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.7` |\n| [@electron/packager](https://github.com/electron/packager) | `20.0.0` | `20.0.1` |\n| [@google-cloud/pubsub](https://github.com/googleapis/google-cloud-node/tree/HEAD/handwritten/pubsub) | `5.3.0` | `5.3.1` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@koa/router](https://github.com/koajs/router) | `15.5.0` | `15.6.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.1` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.78.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.3` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.14.0` | `16.14.1` |\n| [graphql-yoga](https://github.com/graphql-hive/graphql-yoga/tree/HEAD/packages/graphql-yoga) | `5.21.0` | `5.21.1` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [oracledb](https://github.com/oracle/node-oracledb) | `6.10.0` | `7.0.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.5.1` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.6.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@apollo/gateway` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/gateway's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/gateway\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/gateway-js/CHANGELOG.md\"\u003e@​apollo/gateway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/cdc1810d1b9ec8cab06c1a38ca1ba8c019abd316\"\u003e\u003ccode\u003ecdc1810\u003c/code\u003e\u003c/a\u003e Update gateway tracing name to match ingestion side expectations (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3446\"\u003e#3446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/d9c721c5a93220c59970beb5750ef86044b52a10\"\u003e\u003ccode\u003ed9c721c\u003c/code\u003e\u003c/a\u003e Pass scope version as a separate argument in telemetry instantiation (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3439\"\u003e#3439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/gateway@2.14.1/gateway-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/subgraph` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/subgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/subgraph\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/subgraph-js/CHANGELOG.md\"\u003e@​apollo/subgraph's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/subgraph-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/subgraph@2.14.1/subgraph-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@confluentinc/kafka-javascript` from 1.9.0 to 1.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/releases\"\u003e@​confluentinc/kafka-javascript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003ev1.9.1-rc1 is a maintenance release candidate. It is not supported.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2-RC3. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2-RC3\"\u003elibrdkafka v2.14.2-RC3 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returns undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/blob/master/CHANGELOG.md\"\u003e@​confluentinc/kafka-javascript's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003econfluent-kafka-javascript 1.9.1\u003c/h1\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/cf4cf8fff87d9e62e50ba341ec4edc8c34d6704f\"\u003e\u003ccode\u003ecf4cf8f\u003c/code\u003e\u003c/a\u003e v1.9.1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/494\"\u003e#494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/1c06ed05847d5e60b9b3e323a688edab857e4946\"\u003e\u003ccode\u003e1c06ed0\u003c/code\u003e\u003c/a\u003e v1.9.1-rc1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/493\"\u003e#493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/eacb098cc1b45bcfa8040fc94ee9d1d7fcb3fb31\"\u003e\u003ccode\u003eeacb098\u003c/code\u003e\u003c/a\u003e [fix] pass string as first arg to user logger on error events (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/9357d60067604e9fc581f0eba90183a00c2c0ff5\"\u003e\u003ccode\u003e9357d60\u003c/code\u003e\u003c/a\u003e NONJAVACLI-4353: bump axios and pin transitive deps for CVE fixes (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/ce56a23219c03893b5efe6c8054ef4a7d72eecbe\"\u003e\u003ccode\u003ece56a23\u003c/code\u003e\u003c/a\u003e Resolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/59e32516fc5ad585ca6fd03fff0d9fd92a5665d8\"\u003e\u003ccode\u003e59e3251\u003c/code\u003e\u003c/a\u003e fix(package.json): correct broken \u0026quot;types\u0026quot; path (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/f92eace3bb1d631f0779b94875f82b85de82d4a6\"\u003e\u003ccode\u003ef92eace\u003c/code\u003e\u003c/a\u003e [Typescript] Fix \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type from \u003ccode\u003e|| undefined\u003c/code\u003e to `|...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/2e82d006febcca3fb73be53d3ae9ed6d81abe733\"\u003e\u003ccode\u003e2e82d00\u003c/code\u003e\u003c/a\u003e Fix the typescript return type for admin.describeGroups() per \u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/488\"\u003e#488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/685bdb2f125e33f9349af00596c878b05e69e693\"\u003e\u003ccode\u003e685bdb2\u003c/code\u003e\u003c/a\u003e Correct the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/486\"\u003e#486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/6ef5fd264bafd7dcbb7247f045fb7d86547e4055\"\u003e\u003ccode\u003e6ef5fd2\u003c/code\u003e\u003c/a\u003e DGS-24227 Preserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/compare/v1.9.0...v1.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.7\u003c/h2\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emark timed-out nodes dead when retryOnTimeout is false by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/382\"\u003eelastic/elastic-transport-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/65a258563e0cd7d1f4c8aff6f66ba60ef0b8dad3\"\u003e\u003ccode\u003e65a2585\u003c/code\u003e\u003c/a\u003e fix: mark timed-out nodes dead when retryOnTimeout is false (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/68389bab3b4e0388f62dd1226f86c259bc88e059\"\u003e\u003ccode\u003e68389ba\u003c/code\u003e\u003c/a\u003e chore(deps): pin actions/github-script action to f28e40c (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a657bd6e4a1dc95242a228f1eece39cf9d34e08c\"\u003e\u003ccode\u003ea657bd6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to 8530f76 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/668d8050d7fb83d381a352f08fbfd572f014dcae\"\u003e\u003ccode\u003e668d805\u003c/code\u003e\u003c/a\u003e ci: add AI backport resolver (gh-aw prompt + issue_comment trigger) (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/4fe6d59752f56ce7dd0e02514c108a0f299b8e02\"\u003e\u003ccode\u003e4fe6d59\u003c/code\u003e\u003c/a\u003e ci: point to clients-team-automations instead of devtools (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/eaca5eb8c049ef3b1e73f0205e89ca3d2c4bdcd0\"\u003e\u003ccode\u003eeaca5eb\u003c/code\u003e\u003c/a\u003e fix: remove non-ASCII characters causing workflow parse failure (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/375\"\u003e#375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/ca6bf3fe78a469016fa3b135734822488e697bd5\"\u003e\u003ccode\u003eca6bf3f\u003c/code\u003e\u003c/a\u003e ci: replace thin caller with full AI backport resolver workflow (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@electron/packager` from 20.0.0 to 20.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/packager/releases\"\u003e@​electron/packager's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003e20.0.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eswap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e) (\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e0ff6c2a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e\u003ccode\u003e0ff6c2a\u003c/code\u003e\u003c/a\u003e fix: swap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0076a3658e19470f836dae4fd5accbf7dff896a9\"\u003e\u003ccode\u003e0076a36\u003c/code\u003e\u003c/a\u003e chore: bump vitest from 3.2.4 to 4.1.0 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0413a0907368e68530c027c18cb62e3bcfc81f3\"\u003e\u003ccode\u003eb0413a0\u003c/code\u003e\u003c/a\u003e chore: bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1915\"\u003e#1915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/eed530c1afba2ede9e9f356ec2001668f35adbe6\"\u003e\u003ccode\u003eeed530c\u003c/code\u003e\u003c/a\u003e ci: add a GitHub Actions Completed job (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1914\"\u003e#1914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0eb94de5be7cd96780d948e91374d916fa723bf\"\u003e\u003ccode\u003eb0eb94d\u003c/code\u003e\u003c/a\u003e build(dev-deps): drop tsx (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1908\"\u003e#1908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/56f519fb32d478896996e80177dc85e5d7a6489f\"\u003e\u003ccode\u003e56f519f\u003c/code\u003e\u003c/a\u003e build: remove parse-author dependency (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1912\"\u003e#1912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/23cb235c1ea8fead4597664cd62bdfdeccb73c9f\"\u003e\u003ccode\u003e23cb235\u003c/code\u003e\u003c/a\u003e chore: bump ip-address from 10.0.1 to 10.1.1 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1913\"\u003e#1913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/feb3114f21d96f3424fed6fc0e0199fb81bba2c0\"\u003e\u003ccode\u003efeb3114\u003c/code\u003e\u003c/a\u003e chore: bump the non-major-version-updates group with 4 updates (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1911\"\u003e#1911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/555715325a2d9ac31f8759ce77fdbdda15bb8d4d\"\u003e\u003ccode\u003e5557153\u003c/code\u003e\u003c/a\u003e chore: bump postcss from 8.5.6 to 8.5.10 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1910\"\u003e#1910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/d71c96bdecf90e18efb0236b0cd28dc1e6a37ba8\"\u003e\u003ccode\u003ed71c96b\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1909\"\u003e#1909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@google-cloud/pubsub` from 5.3.0 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/releases\"\u003e@​google-cloud/pubsub's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epubsub: v5.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/blob/main/handwritten/pubsub/CHANGELOG.md\"\u003e@​google-cloud/pubsub's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/google-cloud-node/commits/dns-v5.3.1/handwritten/pubsub\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@koa/router` from 15.5.0 to 15.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/router/releases\"\u003e@​koa/router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: drop node v20 from ci pipeline  b5f9b6c\u003c/li\u003e\n\u003cli\u003echore: update *.md docs files  d586f45\u003c/li\u003e\n\u003cli\u003echore: add more tests + bump deps  7148fd1\u003c/li\u003e\n\u003cli\u003efix: hide internal rest param from prefixed middleware  99a6ae6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ehttps://github.com/koajs/router/compare/v15.5.0...v15.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/5b989fe0e37a4e1044287ba3fc935f5d0d623702\"\u003e\u003ccode\u003e5b989fe\u003c/code\u003e\u003c/a\u003e v15.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/b5f9b6cee1e9822074ff45c7abaf7aab1743dc3a\"\u003e\u003ccode\u003eb5f9b6c\u003c/code\u003e\u003c/a\u003e ci: drop node v20 from ci pipeline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/d586f450ee0e92dd71ab995adfb1a535bcf55fba\"\u003e\u003ccode\u003ed586f45\u003c/code\u003e\u003c/a\u003e chore: update *.md docs files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/7148fd1491ca9b116cdf52fa3446d235539137f8\"\u003e\u003ccode\u003e7148fd1\u003c/code\u003e\u003c/a\u003e chore: add more tests + bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/99a6ae6a259cc26b8227288a99303b7bc7f597a1\"\u003e\u003ccode\u003e99a6ae6\u003c/code\u003e\u003c/a\u003e fix: hide internal rest param from prefixed middleware\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/ax...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8833","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8833","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8833/packages"},{"uuid":"4583836234","node_id":"PR_kwDON2NuTs7ibOBU","number":5,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 33 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":["HiromiShikata"],"locked":true,"comments_count":2,"pull_request":true,"closed_at":"2026-06-14T02:11:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-03T21:38:09.000Z","updated_at":"2026-06-14T02:11:57.000Z","time_to_close":880427,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":33,"packages":[{"name":"@babel/helpers","old_version":"7.23.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.23.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.12.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.20.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.19.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.1","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.6","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"launch-editor","old_version":"2.6.1","new_version":"2.14.1","repository_url":"https://github.com/vitejs/launch-editor"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.5","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.6","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"yaml","old_version":"2.3.3","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"},{"name":"rollup","old_version":"2.79.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.89.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.14.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.9","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 27 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.23.2` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.23.0` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.19.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.1` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [launch-editor](https://github.com/vitejs/launch-editor) | `2.6.1` | `2.14.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n| [yaml](https://github.com/eemeli/yaml) | `2.3.3` | `2.9.0` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.89.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.14.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.11` |\n\n\nUpdates `@babel/helpers` from 7.23.2 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.23.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.12.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci...\n\n_Description has been truncated_","html_url":"https://github.com/HiromiShikata/landy-react-template/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HiromiShikata%2Flandy-react-template/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4568102446","node_id":"PR_kwDOQMbXY87hnd9T","number":507,"state":"closed","title":"chore(deps): bump the all-npm-updates group with 2 updates","user":"dependabot[bot]","labels":["automated","dependencies"],"assignees":["gogorichie"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-02T08:01:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-02T03:20:20.000Z","updated_at":"2026-06-10T01:49:50.000Z","time_to_close":16873,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"all-npm-updates","update_count":2,"packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"eslint","old_version":"10.4.0","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the all-npm-updates group with 2 updates: [ejs](https://github.com/mde/ejs) and [eslint](https://github.com/eslint/eslint).\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.4.0 to 10.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6d7c832950d5e92499d88e504080661f888f8f56\"\u003e\u003ccode\u003e6d7c832\u003c/code\u003e\u003c/a\u003e chore: ignore fflate updates in renovate (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20908\"\u003e#20908\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b2c86382164d87c6203b78d52068cd6a2a6ffe30\"\u003e\u003ccode\u003eb2c8638\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20889\"\u003e#20889\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a9b8d7f74c50211701cfc49710fa541fd91b2aa5\"\u003e\u003ccode\u003ea9b8d7f\u003c/code\u003e\u003c/a\u003e chore: increase maxBuffer for ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20881\"\u003e#20881\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b702ead5e1ed7cb9f28238a454797662efb37396\"\u003e\u003ccode\u003eb702ead\u003c/code\u003e\u003c/a\u003e chore: update ecosystem update PR settings (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20884\"\u003e#20884\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/507f60e9a78c9a902bc8759f066ae17a1ea6cd81\"\u003e\u003ccode\u003e507f60e\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20882\"\u003e#20882\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/92f5c5bb6bf3a5d167c8ee53a430833410295c6d\"\u003e\u003ccode\u003e92f5c5b\u003c/code\u003e\u003c/a\u003e test: add unit test for message-count (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20878\"\u003e#20878\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/df321080af5758b1fa25e4b9a40e26135642dd6e\"\u003e\u003ccode\u003edf32108\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003e@​eslint/markdown\u003c/code\u003e and typescript-eslint ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20837\"\u003e#20837\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/327f91d36aa49f2a50ded931d841a16374fd875f\"\u003e\u003ccode\u003e327f91d\u003c/code\u003e\u003c/a\u003e chore: use includeIgnoreFile internally (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20876\"\u003e#20876\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f0dc4bd893fb3a9f44e4ddc3ad7063ffb0beacd3\"\u003e\u003ccode\u003ef0dc4bd\u003c/code\u003e\u003c/a\u003e chore: pin fflate@0.8.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20877\"\u003e#20877\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0f4bd257a67a082b756de746d9e0c4842ab764ca\"\u003e\u003ccode\u003e0f4bd25\u003c/code\u003e\u003c/a\u003e ci: run Discord alert for ecosystem test failures (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20873\"\u003e#20873\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4a3d15a99c452c4db2fd56b577fa7597e98ab0c2\"\u003e\u003ccode\u003e4a3d15a\u003c/code\u003e\u003c/a\u003e 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43e7e2bdc5c6cacc535446b7d23c10f780384ba8\"\u003e\u003ccode\u003e43e7e2b\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.4.0...v10.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Gogorichielab/PPCollection/pull/507","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gogorichielab%2FPPCollection/issues/507","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/507/packages"},{"uuid":"4566989322","node_id":"PR_kwDOHBES0M7hj3L2","number":8,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 32 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T23:01:09.000Z","updated_at":"2026-06-01T23:01:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":32,"packages":[{"name":"axios","old_version":"0.26.1","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"@babel/helpers","old_version":"7.17.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.10.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.19.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.3","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.4","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"ip","old_version":"1.1.5","new_version":"removed","repository_url":"https://github.com/indutny/node-ip"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.4","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.1","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"rollup","old_version":"2.70.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.70.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.5.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.7","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.26.1` | `0.32.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.17.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.10.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.3` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.4` | `2.0.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.1` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [rollup](https://github.com/rollup/rollup) | `2.70.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.70.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.5.0` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `axios` from 0.26.1 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.26.1...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.17.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.10.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.19.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cd...\n\n_Description has been truncated_","html_url":"https://github.com/geolonia/style-compare/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geolonia%2Fstyle-compare/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"4559746417","node_id":"PR_kwDOBwapYs7hMQQF","number":8737,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 20 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T01:46:05.000Z","updated_at":"2026-06-01T01:51:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":20,"packages":[{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.6","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.6","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.0","repository_url":"https://github.com/electron/electron"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.4.0","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.4.2","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 20 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.6` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.1` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.6` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.0` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.4.0` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.4.2` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d00c23dbc62e76df170c14ecf69e447e1cdbc8d3\"\u003e\u003ccode\u003ed00c23d\u003c/code\u003e\u003c/a\u003e Prevent false NoLivingConnectionsError in WeightedConnectionPool (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/2db86c63645189d51edde2608873b9dc303173d7\"\u003e\u003ccode\u003e2db86c6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to e989123 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5895e4b8b52a1c8b9d9de43cdc424c0621613bb3\"\u003e\u003ccode\u003e5895e4b\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node digest to 48b55a0 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a2f607ced1208e135bfe70f7b48cb8109f42f463\"\u003e\u003ccode\u003ea2f607c\u003c/code\u003e\u003c/a\u003e fix: use Buffer.concat for UTF-8 response body to prevent multi-byte characte...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5e789a3b51abef559a3417e91a6a5d7cbf54aa9a\"\u003e\u003ccode\u003e5e789a3\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to bb20cf7 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/09b619dca674c085b70676ec25d8297f7ddaf595\"\u003e\u003ccode\u003e09b619d\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node digest to 53b8394 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bullmq` from 5.76.10 to 5.77.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/taskforcesh/bullmq/releases\"\u003ebullmq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.77.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.5...v5.77.6\"\u003e5.77.6\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e81709e4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.4...v5.77.5\"\u003e5.77.5\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e411690e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.77.4\"\u003e5.77.4\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ededuplication:\u003c/strong\u003e preserve custom jobId when requeuing keepLastIfActive proto-jobs (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4190\"\u003e#4190\u003c/a\u003e) fixes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4030\"\u003e#4030\u003c/a\u003e (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e6e4972e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.2...v5.77.3\"\u003e5.77.3\u003c/a\u003e (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebun-redis:\u003c/strong\u003e remove per-command serialization to enable implicit pipelining (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4188\"\u003e#4188\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/685b0744cfeb273778420835010ec1b16b23e22a\"\u003e685b074\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.1...v5.77.2\"\u003e5.77.2\u003c/a\u003e (2026-05-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e use more permissive typing on NodeRedisRawClient options (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4187\"\u003e#4187\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/0feec14452865c419961edb9c733f9951b6a663f\"\u003e0feec14\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4170\"\u003e#4170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.0...v5.77.1\"\u003e5.77.1\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnections:\u003c/strong\u003e make sure we do not mutate ioredis (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4182\"\u003e#4182\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/75a66af36f7d56c149e070826a20116ea1ef5e7b\"\u003e75a66af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.76.11...v5.77.0\"\u003e5.77.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e\u003ccode\u003e81709e4\u003c/code\u003e\u003c/a\u003e fix(types): change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e\u003ccode\u003e411690e\u003c/code\u003e\u003c/a\u003e fix(connection): handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/e7d7d874f615cc06a581332f3a6fb6db22da4fb9\"\u003e\u003ccode\u003ee7d7d87\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.4 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4197\"\u003e#4197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e\u003ccode\u003e6e4972e\u003c/code\u003e\u003c/a\u003e fix(deduplication): preserve custom jobId when requeuing keepLastIfActive pro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e20ecf370cf58ae0c72ac0e296b53f17724d6f3\"\u003e\u003ccode\u003e6e20ecf\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.3 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4193\"\u003e#4193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/685b0744cfeb273778420835010ec1b16b23e22a\"\u003e\u003ccode\u003e685b074\u003c/code\u003e\u003c/a\u003e perf(bun-redis): remove per-command serialization to enable implicit pipelini...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/4b0571dd20a19116c3be8e9cc20da7c40f31c4eb\"\u003e\u003ccode\u003e4b0571d\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.2 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4189\"\u003e#4189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/0feec14452865c419961edb9c733f9951b6a663f\"\u003e\u003ccode\u003e0feec14\u003c/code\u003e\u003c/a\u003e fix(connection): use more permissive typing on NodeRedisRawClient options (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/d8ed22297d4433d095ad669e845c35a30a18d918\"\u003e\u003ccode\u003ed8ed222\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.1 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/75a66af36f7d56c149e070826a20116ea1ef5e7b\"\u003e\u003ccode\u003e75a66af\u003c/code\u003e\u003c/a\u003e fix(connections): make sure we do not mutate ioredis (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4182\"\u003e#4182\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.76.10...v5.77.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `electron` from 42.1.0 to 42.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/electron/releases\"\u003eelectron's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eelectron v42.3.0\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v42.3.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Linux support for \u003ccode\u003eapp.getApplicationInfoForProtocol()\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51680\"\u003e#51680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded Notification.remove(), removeAll(), and removeGroup() static methods for macOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51691\"\u003e#51691\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51690\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eAdded session support to net module requests from utility process. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51698\"\u003e#51698\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003eprocess\u003c/code\u003e and other Node globals were undefined in ESM preload scripts when \u003ccode\u003econtextIsolation\u003c/code\u003e was disabled. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51726\"\u003e#51726\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51723\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed native addon compilation failure with undefined msvc intrinsic from v8 headers. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51706\"\u003e#51706\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51705\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Chromium to 148.0.7778.180. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51600\"\u003e#51600\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v42.2.0\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v42.2.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllowed the \u003ccode\u003e--experimental-inspector-network-resource\u003c/code\u003e Node.js flag to be passed through Electron. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51378\"\u003e#51378\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51377\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed crash for Notification close. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51657\"\u003e#51657\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51656\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/51655\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported fixes for a use-after-free in touch-event queue teardown, a runtime-effect validation gap in Skia image filters, and an integer overflow in the GLSL translator. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51646\"\u003e#51646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fixes for an out-of-bounds write in WebAudio worklet setup, a heap overflow in the ANGLE GL backend, a use-after-free in the GTK Wayland platform, an accessibility tree-state validation issue, and an integer overflow in text bidi handling. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51666\"\u003e#51666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved performance of \u003ccode\u003eapp.getApplicationNameForProtocol()\u003c/code\u003e on Linux. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51628\"\u003e#51628\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocumentation changes: \u003ca href=\"https://redirect.github.com/electron/electron/pull/51688\"\u003e#51688\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/e0127e99aeaa66bb580538fc7409831b5248cccb\"\u003e\u003ccode\u003ee0127e9\u003c/code\u003e\u003c/a\u003e chore: bump chromium to 148.0.7778.180 (42-x-y) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51600\"\u003e#51600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/b07916bfa5b7cb5056c36c0cf4769849941d7ce1\"\u003e\u003ccode\u003eb07916b\u003c/code\u003e\u003c/a\u003e ci: unpin homebrew version (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51762\"\u003e#51762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/6aac40e76ca1eace7b13f5c5451b586e010fe558\"\u003e\u003ccode\u003e6aac40e\u003c/code\u003e\u003c/a\u003e refactor: api::utilityProcessWrapper managed by cppgc (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50955\"\u003e#50955\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51752\"\u003e#51752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/bb52cd543ded7b33e1232c3d8d743c8fa8387d8e\"\u003e\u003ccode\u003ebb52cd5\u003c/code\u003e\u003c/a\u003e chore: do not require infr singoff for github workflows/actions (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51738\"\u003e#51738\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51\"\u003e#51\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/fd02b05625e0e4a950e45a67642d8fba95510689\"\u003e\u003ccode\u003efd02b05\u003c/code\u003e\u003c/a\u003e refactor: rm chore_add_electron_objects_to_wrappablepointertag.patch (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51734\"\u003e#51734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/34102a58a53d64c992d37bd745db49ecee1b5a30\"\u003e\u003ccode\u003e34102a5\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003eprocess\u003c/code\u003e undefined in ESM preload when contextIsolation is disabled (\u003ca href=\"https://redirect.github.com/electron/electron/issues/5\"\u003e#5\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/09d7d7af4d9e87dfe86f445790f0f699d3aedc96\"\u003e\u003ccode\u003e09d7d7a\u003c/code\u003e\u003c/a\u003e feat: add Linux support for \u003ccode\u003eapp.getApplicationInfoForProtocol()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/electron/issues/5\"\u003e#5\u003c/a\u003e… (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51680\"\u003e#51680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/bbf87a7d991ca4bafb03717adc157413fb729d18\"\u003e\u003ccode\u003ebbf87a7\u003c/code\u003e\u003c/a\u003e feat: add remove, removeAll, and removeGroup for notifications API (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51691\"\u003e#51691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/c9598c82e42f52b772e96b4b6d2bff04465fedde\"\u003e\u003ccode\u003ec9598c8\u003c/code\u003e\u003c/a\u003e feat: add http cache support to requests from utility process (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51698\"\u003e#51698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/102aebe84143dceb32e7de7ffed64755ca47c20d\"\u003e\u003ccode\u003e102aebe\u003c/code\u003e\u003c/a\u003e ci: set no color output during build (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51709\"\u003e#51709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/electron/electron/compare/v42.1.0...v42.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.19 to 4.12.23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(serve-static): normalize all backslashes in file paths, not just the first in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4962\"\u003ehonojs/hono#4962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(context): export the Context class publicly by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4543\"\u003ehonojs/hono#4543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(contribution): add AI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4970\"\u003ehonojs/hono#4970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(compress): add contentTypeFilter option and \u003ccode\u003eCOMPRESSIBLE_CONTENT_TYPE_REGEX\u003c/code\u003e re-export by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4961\"\u003ehonojs/hono#4961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4971\"\u003ehonojs/hono#4971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.22...v4.12.23\"\u003ehttps://github.com/honojs/hono/compare/v4.12.22...v4.12.23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: update vitest to v4 and cleanups by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4952\"\u003ehonojs/hono#4952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(mime): specify charset parameter per MIME type instead of mechanical detection by \u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(compress): respect Accept-Encoding when encoding option is set by \u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deno): echo negotiated WebSocket subprotocol in upgrade response by \u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add msgpack as a compressible content type by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.21...v4.12.22\"\u003ehttps://github.com/honojs/hono/compare/v4.12.21...v4.12.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/83bfb3bb4a12c1d92c163a39e907df5d662ff78d\"\u003e\u003ccode\u003e83bfb3b\u003c/code\u003e\u003c/a\u003e 4.12.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bcd290a64c0b392fd06d2bd1f256c5dc9835e4a4\"\u003e\u003ccode\u003ebcd290a\u003c/code\u003e\u003c/a\u003e fix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4971\"\u003e#4971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c968177d9c11ddc7c7cca57c384497f11a6d60ae\"\u003e\u003ccode\u003ec968177\u003c/code\u003e\u003c/a\u003e feat(compress): add contentTypeFilter option and `COMPRESSIBLE_CONTENT_TYPE_R...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/0265a5453a7c272417eaa22b93d3fb319d2188ed\"\u003e\u003ccode\u003e0265a54\u003c/code\u003e\u003c/a\u003e docs(contribution): add AI Usage Policy (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c84c5d2d46ca6a78c316529491d42ab7bb956368\"\u003e\u003ccode\u003ec84c5d2\u003c/code\u003e\u003c/a\u003e feat(context): export the Context class publicly (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4543\"\u003e#4543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/82dad6297c90c33c41bf48b4530509a21588ad06\"\u003e\u003ccode\u003e82dad62\u003c/code\u003e\u003c/a\u003e fix(serve-static): normalize all backslashes in file paths, not just the firs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/2f01b774b168911d24e4864fb66054f5de9d9a4e\"\u003e\u003ccode\u003e2f01b77\u003c/code\u003e\u003c/a\u003e 4.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6bc0dff277684ee50ace6dc87a7ad73a9c131c99\"\u003e\u003ccode\u003e6bc0dff\u003c/code\u003e\u003c/a\u003e feat: add msgpack as a compressible content type (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4957\"\u003e#4957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e0555d14c72d4204347ac9afaae32ba5c013ab9\"\u003e\u003ccode\u003e7e0555d\u003c/code\u003e\u003c/a\u003e fix(deno): echo negotiated WebSocket subprotocol in upgrade response (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0ed2465913f2a89ebdf65cc54d6254915fc3ff6\"\u003e\u003ccode\u003ef0ed246\u003c/code\u003e\u003c/a\u003e fix(compress): respect Accept-Encoding when encoding option is set (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4951\"\u003e#4951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `koa` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ekoa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: request.length overflows on Content-Length \u0026gt; 2GB by \u003ca href=\"https://github.com/tejgokani\"\u003e\u003ccode\u003e@​tejgokani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1961\"\u003ekoajs/koa#1961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tejgokani\"\u003e\u003ccode\u003e@​tejgokani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1961\"\u003ekoajs/koa#1961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.2.0...v3.2.1\"\u003ehttps://github.com/koajs/koa/compare/v3.2.0...v3.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/6984592d41946ed746f15afcb05554e073f64dad\"\u003e\u003ccode\u003e6984592\u003c/code\u003e\u003c/a\u003e 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/3f3ac48904229f807939d13ab49fdf8262a7aa08\"\u003e\u003ccode\u003e3f3ac48\u003c/code\u003e\u003c/a\u003e fix: request.length overflows on Content-Length \u0026gt; 2GB (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1961\"\u003e#1961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/koa/compare/v3.2.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mariadb` from 3.4.5 to 3.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/releases\"\u003emariadb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.2\"\u003e3.5.2\u003c/a\u003e (Mar 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.1...3.5.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-342 Resolved TypeScript compilation errors introduced in mariadb-connector-nodejs v3.5.1\u003c/li\u003e\n\u003cli\u003eCONJS-343 Fixed an issue where batch operations would hang when provided with empty array parameter values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.1\"\u003e3.5.1\u003c/a\u003e (Feb 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.0-rc.0...3.5.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-338 Add asyncDispose support for Connection, PoolConnection and Pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/250\"\u003e#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add default type parameter to Prepare interface and fix executeStream generic \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/334\"\u003e#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add wildcard for values params on Prepare\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-331 Plugin authentication change correction\u003c/li\u003e\n\u003cli\u003eCONJS-335 Deno compatibility: send COM_QUIT synchronously to prevent socket cleanup race condition\u003c/li\u003e\n\u003cli\u003eCONJS-336 Connection attribute _server_host send host, but IP resulting of name resolution\u003c/li\u003e\n\u003cli\u003eCONJS-340 Fix pool connection event to emit wrapped connections and prevent user errors from breaking pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/342\"\u003e#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-341 Support charset + collation combination in connection options \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/337\"\u003e#337\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.0 RC\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.0-rc.0\"\u003e3.5.0-rc.0\u003c/a\u003e (Oct 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.0-rc.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-326 migrate from commonJS to ESM\u003c/li\u003e\n\u003cli\u003eCONJS-325\tdeno compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-328 Fix minimumIdle option to maintain baseline idle connections\u003c/li\u003e\n\u003cli\u003eCONJS-330 caching_sha2_password: avoid requiring RSA key pair when connecting via Unix socket\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/blob/main/CHANGELOG.md\"\u003emariadb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.2\"\u003e3.5.2\u003c/a\u003e (Mar 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.1...3.5.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-342 Resolved TypeScript compilation errors introduced in mariadb-connector-nodejs v3.5.1\u003c/li\u003e\n\u003cli\u003eCONJS-343 Fixed an issue where batch operations would hang when provided with empty array parameter values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.1\"\u003e3.5.1\u003c/a\u003e (Feb 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.0-rc.0...3.5.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-338 Add asyncDispose support for Connection, PoolConnection and Pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/250\"\u003e#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add default type parameter to Prepare interface and fix executeStream generic \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/334\"\u003e#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add wildcard for values params on Prepare\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-331 Plugin authentication change correction\u003c/li\u003e\n\u003cli\u003eCONJS-335 Deno compatibility: send COM_QUIT synchronously to prevent socket cleanup race condition\u003c/li\u003e\n\u003cli\u003eCONJS-336 Connection attribute _server_host send host, but IP resulting of name resolution\u003c/li\u003e\n\u003cli\u003eCONJS-340 Fix pool connection event to emit wrapped connections and prevent user errors from breaking pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/342\"\u003e#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-341 Support charset + collation combination in connection options \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/337\"\u003e#337\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.0-rc.0\"\u003e3.5.0-rc.0\u003c/a\u003e (Oct 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.0-rc.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-326 migrate from commonJS to ESM\u003c/li\u003e\n\u003cli\u003eCONJS-325\tdeno compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-328 Fix minimumIdle option to maintain baseline idle connections\u003c/li\u003e\n\u003cli\u003eCONJS-330 caching_sha2_password: avoid requiring RSA key pair when connecting via Unix socket\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/ca989158d2fcebe55317b09b3cf6333549df0d77\"\u003e\u003ccode\u003eca98915\u003c/code\u003e\u003c/a\u003e bump 3.5.2 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e721d70015c6dbe01acfc59d75ae873e96faff34\"\u003e\u003ccode\u003ee721d70\u003c/code\u003e\u003c/a\u003e [misc] code style correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/87ca82e42cc4e91520c71d51726540a006c4c48f\"\u003e\u003ccode\u003e87ca82e\u003c/code\u003e\u003c/a\u003e [CONJS-343] batch hangs when having an empty parameters values \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/343\"\u003e#343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e0548495f3a2ce8588676a89b1e9cd53bf296d7a\"\u003e\u003ccode\u003ee054849\u003c/code\u003e\u003c/a\u003e [CONJS-342] Move TypeScript type dependencies from peer to regular dependenci...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/be72ebf9fee6e0bd153b6ff6e0bb252f794dbf0e\"\u003e\u003ccode\u003ebe72ebf\u003c/code\u003e\u003c/a\u003e [perf] Optimize buffer copy in readBufferLengthEncodedCopy with subarray\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/dbd547268a5b06bed5a8294409a57255d166b3c4\"\u003e\u003ccode\u003edbd5472\u003c/code\u003e\u003c/a\u003e [CONJS-333] Optimize column type checking with buffer comparisons and pre-com...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e71f8496803d342723dd6ee6c206ddb9616d5473\"\u003e\u003ccode\u003ee71f849\u003c/code\u003e\u003c/a\u003e [misc] Release version 3.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/82b639c2b93c4b7640080832fa7b96b267a8c3a0\"\u003e\u003ccode\u003e82b639c\u003c/code\u003e\u003c/a\u003e [misc] bump dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/a5ba9020a2f69911cb718063045fddbd5241d18f\"\u003e\u003ccode\u003ea5ba902\u003c/code\u003e\u003c/a\u003e [perf] Optimize execute command with bitwise operations and constant reuse\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/65b950882f03b3c1ce015a5047905c5cf65347eb\"\u003e\u003ccode\u003e65b9508\u003c/code\u003e\u003c/a\u003e [perf] Optimize parameter type checking and remove unused pipe property\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpd...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8737","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8737","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8737/packages"},{"uuid":"4527742235","node_id":"PR_kwDOMywM787flofU","number":26,"state":"closed","title":"deps: bump ejs from 5.0.2 to 6.0.1","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T21:52:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-26T21:50:24.000Z","updated_at":"2026-05-26T21:52:37.000Z","time_to_close":125,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps","packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 5.0.2 to 6.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=5.0.2\u0026new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/learn-shyam/simple-nodejs-app/pull/26","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/learn-shyam%2Fsimple-nodejs-app/issues/26","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/26/packages"},{"uuid":"4524129488","node_id":"PR_kwDORmUFUs7fZ2_S","number":160,"state":"open","title":"build(deps): bump ejs from 5.0.2 to 6.0.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T12:33:54.000Z","updated_at":"2026-05-26T12:34:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 5.0.2 to 6.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=5.0.2\u0026new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Battle-Cattle/BCUK-Bot-4/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Battle-Cattle%2FBCUK-Bot-4/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"},{"uuid":"4522954470","node_id":"PR_kwDOGxPQGc7fWCwC","number":6,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T09:10:49.000Z","updated_at":"2026-05-26T09:17:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"swiper","old_version":"8.0.2","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"postcss","old_version":"8.4.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.9.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.2","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.2.1","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.66.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.68.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.4.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.6","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `8.0.2` | `12.1.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.6` | `8.5.10` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.9.0` | `8.20.0` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.2` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.2.1` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.66.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.68.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.4.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.6` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `swiper` from 8.0.2 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.3...v12.1.4\"\u003e12.1.4\u003c/a\u003e (2026-04-29)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove redundant aria-disabled=false from swiper nav button (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8176\"\u003e#8176\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/673092978a54ee3aff82633dd50880011a2a362f\"\u003e6730929\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add TS declarations for CSS files (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/ea3081b8c5863b297a240a0698804121c9e6c118\"\u003eea3081b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8055\"\u003e#8055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereact:\u003c/strong\u003e expose isFullyVisible in SwiperSlide render props (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8175\"\u003e#8175\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/3af0002acfc18a5ec450b3a2354d6187a64797e8\"\u003e3af0002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v8.0.2...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.9.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in...\n\n_Description has been truncated_","html_url":"https://github.com/muhammadali1995/muck-23/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/muhammadali1995%2Fmuck-23/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4517152658","node_id":"PR_kwDOSLqBrM7fDQFs","number":149,"state":"open","title":"build(deps): bump the bsv-workspace group across 1 directory with 59 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T13:12:03.000Z","updated_at":"2026-05-26T19:15:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bsv-workspace","update_count":59,"packages":[{"name":"@eslint/js","old_version":"9.39.4","new_version":"10.0.1","repository_url":"https://github.com/eslint/eslint"},{"name":"@jest/globals","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"@rspack/cli","old_version":"2.0.0","new_version":"2.0.4","repository_url":"https://github.com/web-infra-dev/rspack"},{"name":"@rspack/core","old_version":"1.7.11","new_version":"2.0.4","repository_url":"https://github.com/web-infra-dev/rspack"},{"name":"@types/node","old_version":"20.19.39","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"9.39.4","new_version":"10.4.0","repository_url":"https://github.com/eslint/eslint"},{"name":"globals","old_version":"15.15.0","new_version":"17.6.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"jest","old_version":"30.3.0","new_version":"30.4.2","repository_url":"https://github.com/jestjs/jest"},{"name":"jest-environment-jsdom","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"ts-jest","old_version":"29.4.9","new_version":"29.4.11","repository_url":"https://github.com/kulshekhar/ts-jest"},{"name":"typescript","old_version":"5.1.6","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"typescript-eslint","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"webpack","old_version":"5.106.2","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-cli","old_version":"5.1.4","new_version":"7.0.2","repository_url":"https://github.com/webpack/webpack-cli"},{"name":"chalk","old_version":"4.1.2","new_version":"5.6.2","repository_url":"https://github.com/chalk/chalk"},{"name":"dotenv","old_version":"16.6.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"@types/supertest","old_version":"6.0.3","new_version":"7.2.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ejs","old_version":"3.1.10","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"},{"name":"webpack-bundle-analyzer","old_version":"4.10.2","new_version":"5.3.0","repository_url":"https://github.com/webpack/webpack-bundle-analyzer"},{"name":"webpack-dev-server","old_version":"5.2.3","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"express","old_version":"4.22.1","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"joi","old_version":"18.1.2","new_version":"18.2.1","repository_url":"https://github.com/hapijs/joi"},{"name":"vitest","old_version":"4.1.5","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@types/mime-types","old_version":"2.1.4","new_version":"3.0.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@chainsafe/libp2p-noise","old_version":"16.1.5","new_version":"17.0.0","repository_url":"https://github.com/ChainSafe/js-libp2p-noise"},{"name":"@chainsafe/libp2p-yamux","old_version":"7.0.4","new_version":"8.0.1","repository_url":"https://github.com/ChainSafe/js-libp2p-yamux"},{"name":"@libp2p/bootstrap","old_version":"11.0.47","new_version":"12.0.22","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/crypto","old_version":"5.1.17","new_version":"5.1.18","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/identify","old_version":"3.0.39","new_version":"4.1.6","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/kad-dht","old_version":"15.1.11","new_version":"16.3.0","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/peer-id","old_version":"5.1.9","new_version":"6.0.9","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/ping","old_version":"2.0.37","new_version":"3.1.5","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/pnet","old_version":"2.0.47","new_version":"3.0.21","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/pubsub-peer-discovery","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/libp2p/js-libp2p-pubsub-peer-discovery"},{"name":"@libp2p/tcp","old_version":"10.1.19","new_version":"11.0.20","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@multiformats/multiaddr","old_version":"12.5.1","new_version":"13.0.3","repository_url":"https://github.com/multiformats/js-multiaddr"},{"name":"libp2p","old_version":"2.10.0","new_version":"3.3.1","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.3","repository_url":"https://github.com/privatenumber/tsx"},{"name":"mongodb-memory-server","old_version":"9.5.0","new_version":"11.1.0","repository_url":"https://github.com/typegoose/mongodb-memory-server"},{"name":"knex","old_version":"3.2.9","new_version":"3.2.10","repository_url":"https://github.com/knex/knex"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"react","old_version":"18.3.1","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"18.3.28","new_version":"19.2.15","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"18.3.1","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@types/react-dom","old_version":"18.3.1","new_version":"19.2.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"better-sqlite3","old_version":"12.9.0","new_version":"12.10.0","repository_url":"https://github.com/WiseLibs/better-sqlite3"},{"name":"mysql2","old_version":"3.22.2","new_version":"3.22.3","repository_url":"https://github.com/sidorares/node-mysql2"},{"name":"@types/diff","old_version":"6.0.0","new_version":"8.0.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"fs-extra","old_version":"11.3.4","new_version":"11.3.5","repository_url":"https://github.com/jprichardson/node-fs-extra"},{"name":"jest-diff","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"sqlite3","old_version":"5.1.7","new_version":"6.0.1","repository_url":"https://github.com/TryGhost/node-sqlite3"},{"name":"react-router-dom","old_version":"6.30.3","new_version":"7.15.1","repository_url":"https://github.com/remix-run/react-router"},{"name":"@shikijs/rehype","old_version":"1.29.2","new_version":"4.1.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"@vitejs/plugin-react","old_version":"4.7.0","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"},{"name":"mermaid","old_version":"11.14.0","new_version":"11.15.0","repository_url":"https://github.com/mermaid-js/mermaid"},{"name":"vite","old_version":"6.4.2","new_version":"8.0.14","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the bsv-workspace group with 59 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.4` | `10.0.1` |\n| [@jest/globals](https://github.com/jestjs/jest/tree/HEAD/packages/jest-globals) | `30.3.0` | `30.4.1` |\n| [@rspack/cli](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli) | `2.0.0` | `2.0.4` |\n| [@rspack/core](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack) | `1.7.11` | `2.0.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.19.39` | `25.9.1` |\n| [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.4.0` |\n| [globals](https://github.com/sindresorhus/globals) | `15.15.0` | `17.6.0` |\n| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.3.0` | `30.4.2` |\n| [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `30.3.0` | `30.4.1` |\n| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.9` | `29.4.11` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.1.6` | `6.0.3` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.60.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.106.2` | `5.107.2` |\n| [webpack-cli](https://github.com/webpack/webpack-cli) | `5.1.4` | `7.0.2` |\n| [chalk](https://github.com/chalk/chalk) | `4.1.2` | `5.6.2` |\n| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |\n| [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest) | `6.0.3` | `7.2.0` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.59.0` | `8.60.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.59.0` | `8.60.0` |\n| [ejs](https://github.com/mde/ejs) | `3.1.10` | `5.0.2` |\n| [webpack-bundle-analyzer](https://github.com/webpack/webpack-bundle-analyzer) | `4.10.2` | `5.3.0` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.3` | `5.2.4` |\n| [express](https://github.com/expressjs/express) | `4.22.1` | `5.2.1` |\n| [joi](https://github.com/hapijs/joi) | `18.1.2` | `18.2.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.5` | `4.1.7` |\n| [@types/mime-types](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mime-types) | `2.1.4` | `3.0.1` |\n| [@chainsafe/libp2p-noise](https://github.com/ChainSafe/js-libp2p-noise) | `16.1.5` | `17.0.0` |\n| [@chainsafe/libp2p-yamux](https://github.com/ChainSafe/js-libp2p-yamux) | `7.0.4` | `8.0.1` |\n| [@libp2p/bootstrap](https://github.com/libp2p/js-libp2p) | `11.0.47` | `12.0.22` |\n| [@libp2p/crypto](https://github.com/libp2p/js-libp2p) | `5.1.17` | `5.1.18` |\n| [@libp2p/identify](https://github.com/libp2p/js-libp2p) | `3.0.39` | `4.1.6` |\n| [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p) | `15.1.11` | `16.3.0` |\n| [@libp2p/peer-id](https://github.com/libp2p/js-libp2p) | `5.1.9` | `6.0.9` |\n| [@libp2p/ping](https://github.com/libp2p/js-libp2p) | `2.0.37` | `3.1.5` |\n| [@libp2p/pnet](https://github.com/libp2p/js-libp2p) | `2.0.47` | `3.0.21` |\n| [@libp2p/pubsub-peer-discovery](https://github.com/libp2p/js-libp2p-pubsub-peer-discovery) | `11.0.2` | `12.0.0` |\n| [@libp2p/tcp](https://github.com/libp2p/js-libp2p) | `10.1.19` | `11.0.20` |\n| [@multiformats/multiaddr](https://github.com/multiformats/js-multiaddr) | `12.5.1` | `13.0.3` |\n| [libp2p](https://github.com/libp2p/js-libp2p) | `2.10.0` | `3.3.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` |\n| [mongodb-memory-server](https://github.com/typegoose/mongodb-memory-server/tree/HEAD/packages/mongodb-memory-server) | `9.5.0` | `11.1.0` |\n| [knex](https://github.com/knex/knex) | `3.2.9` | `3.2.10` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.6` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `18.3.28` | `19.2.15` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.6` |\n| [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `18.3.1` | `19.2.3` |\n| [ws](https://github.com/websockets/ws) | `8.20.0` | `8.21.0` |\n| [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) | `12.9.0` | `12.10.0` |\n| [mysql2](https://github.com/sidorares/node-mysql2) | `3.22.2` | `3.22.3` |\n| [@types/diff](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/diff) | `6.0.0` | `8.0.0` |\n| [fs-extra](https://github.com/jprichardson/node-fs-extra) | `11.3.4` | `11.3.5` |\n| [jest-diff](https://github.com/jestjs/jest/tree/HEAD/packages/jest-diff) | `30.3.0` | `30.4.1` |\n| [sqlite3](https://github.com/TryGhost/node-sqlite3) | `5.1.7` | `6.0.1` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.30.3` | `7.15.1` |\n| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `1.29.2` | `4.1.0` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `4.7.0` | `6.0.2` |\n| [mermaid](https://github.com/mermaid-js/mermaid) | `11.14.0` | `11.15.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `8.0.14` |\n\n\nUpdates `@eslint/js` from 9.39.4 to 10.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003e@​eslint/js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c87d5bded54c5cf491eb04c24c9d09bbbd42c23e\"\u003e\u003ccode\u003ec87d5bd\u003c/code\u003e\u003c/a\u003e fix: update eslint (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20531\"\u003e#20531\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84100115c14691691058f00779c94e74fca946a\"\u003e\u003ccode\u003ed841001\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eminimatch\u003c/code\u003e to \u003ccode\u003e10.2.1\u003c/code\u003e to address security vulnerabilities (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20519\"\u003e#20519\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/04c21475b3004904948f02049f2888b401d82c78\"\u003e\u003ccode\u003e04c2147\u003c/code\u003e\u003c/a\u003e fix: update error message for unused suppressions (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20496\"\u003e#20496\u003c/a\u003e) (fnx)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/38b089c1726feac0e31a31d47941bd99e29ce003\"\u003e\u003ccode\u003e38b089c\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-array\u003c/code\u003e to ^0.23.1 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20484\"\u003e#20484\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5b3dbce50a1404a9f118afe810cefeee79388a2a\"\u003e\u003ccode\u003e5b3dbce\u003c/code\u003e\u003c/a\u003e docs: add AI acknowledgement section to templates (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20431\"\u003e#20431\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6f23076037d5879f20fb3be2ef094293b1e8d38c\"\u003e\u003ccode\u003e6f23076\u003c/code\u003e\u003c/a\u003e docs: toggle nav in no-JS mode (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20476\"\u003e#20476\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b69cfb32a16c5d5e9986390d484fae1d21e406f9\"\u003e\u003ccode\u003eb69cfb3\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e5c281ffd038a3a7a3e5364db0b9378e0ad83020\"\u003e\u003ccode\u003ee5c281f\u003c/code\u003e\u003c/a\u003e chore: updates for v9.39.3 release (Jenkins)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8c3832adb77cd993b4a24891900d5eeaaf093cdc\"\u003e\u003ccode\u003e8c3832a\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to ^8.56.0 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20514\"\u003e#20514\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8330d238ae6adb68bb6a1c9381e38cfedd990d94\"\u003e\u003ccode\u003e8330d23\u003c/code\u003e\u003c/a\u003e test: add tests for config-api (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20493\"\u003e#20493\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/37d6e91e88fa6a2ca6d8726679096acff21ba6cc\"\u003e\u003ccode\u003e37d6e91\u003c/code\u003e\u003c/a\u003e chore: remove eslint v10 prereleases from eslint-config-eslint deps (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20494\"\u003e#20494\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/da7cd0e79197ad16e17052eef99df141de6dbfb1\"\u003e\u003ccode\u003eda7cd0e\u003c/code\u003e\u003c/a\u003e refactor: cleanup error message templates (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20479\"\u003e#20479\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/84fb885d49ac810e79a9491276b4828b53d913e5\"\u003e\u003ccode\u003e84fb885\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release (Jenkins)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1f667344b57c4c09b548d94bcfac1f91b6e5c63d\"\u003e\u003ccode\u003e1f66734\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003eeslint\u003c/code\u003e to \u003ccode\u003epeerDependencies\u003c/code\u003e of \u003ccode\u003e@eslint/js\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20467\"\u003e#20467\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.0\u003c/h2\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9e54f43a5e497cdfa179338b431093245cb787b\"\u003e\u003ccode\u003ef9e54f4\u003c/code\u003e\u003c/a\u003e feat!: estimate rule-tester failure location (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20420\"\u003e#20420\u003c/a\u003e) (ST-DDT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a176319d8ade1a7d9b2d7fb8f038f55a2662325f\"\u003e\u003ccode\u003ea176319\u003c/code\u003e\u003c/a\u003e feat!: replace \u003ccode\u003echalk\u003c/code\u003e with \u003ccode\u003estyleText\u003c/code\u003e and add \u003ccode\u003ecolor\u003c/code\u003e to \u003ccode\u003eResultsMeta\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20227\"\u003e#20227\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c7046e6c1e03c4ca0eee4888a1f2eba4c6454f84\"\u003e\u003ccode\u003ec7046e6\u003c/code\u003e\u003c/a\u003e feat!: enable JSX reference tracking (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20152\"\u003e#20152\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fa31a608901684fbcd9906d1907e66561d16e5aa\"\u003e\u003ccode\u003efa31a60\u003c/code\u003e\u003c/a\u003e feat!: add \u003ccode\u003ename\u003c/code\u003e to configs (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20015\"\u003e#20015\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3383e7ec9028166cafc8ea7986c2f7498d0049f0\"\u003e\u003ccode\u003e3383e7e\u003c/code\u003e\u003c/a\u003e fix!: remove deprecated \u003ccode\u003eSourceCode\u003c/code\u003e methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20137\"\u003e#20137\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/501abd0e916a35554c58b7c0365537f1fa3880ce\"\u003e\u003ccode\u003e501abd0\u003c/code\u003e\u003c/a\u003e feat!: update dependency minimatch to v10 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20246\"\u003e#20246\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca4d3b40085de47561f89656a2207d09946ed45e\"\u003e\u003ccode\u003eca4d3b4\u003c/code\u003e\u003c/a\u003e fix!: stricter rule tester assertions for valid test cases (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20125\"\u003e#20125\u003c/a\u003e) (唯然)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/96512a66c86402fb0538cdcb6cd30b9073f6bf3b\"\u003e\u003ccode\u003e96512a6\u003c/code\u003e\u003c/a\u003e fix!: Remove deprecated rule context methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20086\"\u003e#20086\u003c/a\u003e) (Nicholas C. Zakas)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c69fdacdb2e886b9d965568a397aa8220db3fe90\"\u003e\u003ccode\u003ec69fdac\u003c/code\u003e\u003c/a\u003e feat!: remove eslintrc support (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20037\"\u003e#20037\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/208b5cc34a8374ff81412b5bec2e0800eebfbd04\"\u003e\u003ccode\u003e208b5cc\u003c/code\u003e\u003c/a\u003e feat!: Use \u003ccode\u003eScopeManager#addGlobals()\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20132\"\u003e#20132\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a2ee188ea7a38a0c6155f3d39e2b00e1d0f36e14\"\u003e\u003ccode\u003ea2ee188\u003c/code\u003e\u003c/a\u003e fix!: add \u003ccode\u003euniqueItems: true\u003c/code\u003e in \u003ccode\u003eno-invalid-regexp\u003c/code\u003e option (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20155\"\u003e#20155\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a89059dbf2832d417dd493ee81483227ec44e4ab\"\u003e\u003ccode\u003ea89059d\u003c/code\u003e\u003c/a\u003e feat!: Program range span entire source text (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20133\"\u003e#20133\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/39a6424373d915fa9de0d7b0caba9a4dc3da9b53\"\u003e\u003ccode\u003e39a6424\u003c/code\u003e\u003c/a\u003e fix!: assert 'text' is a string across all RuleFixer methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20082\"\u003e#20082\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f28fbf846244e043c92b355b224d121b06140b44\"\u003e\u003ccode\u003ef28fbf8\u003c/code\u003e\u003c/a\u003e fix!: Deprecate \u003ccode\u003e\u0026quot;always\u0026quot;\u003c/code\u003e and \u003ccode\u003e\u0026quot;as-needed\u0026quot;\u003c/code\u003e options of the \u003ccode\u003eradix\u003c/code\u003e rule (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20223\"\u003e#20223\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/aa3fb2b233e929b37220be940575f42c280e0b98\"\u003e\u003ccode\u003eaa3fb2b\u003c/code\u003e\u003c/a\u003e fix!: tighten \u003ccode\u003efunc-names\u003c/code\u003e schema (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20119\"\u003e#20119\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f6c0ed0311dcfee853367d5068c765d066e6b756\"\u003e\u003ccode\u003ef6c0ed0\u003c/code\u003e\u003c/a\u003e feat!: report \u003ccode\u003eeslint-env\u003c/code\u003e comments as errors (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20128\"\u003e#20128\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4bf739fb533e59f7f0a66b65f7bc80be0f37d8db\"\u003e\u003ccode\u003e4bf739f\u003c/code\u003e\u003c/a\u003e fix!: remove deprecated \u003ccode\u003eLintMessage#nodeType\u003c/code\u003e and \u003ccode\u003eTestCaseError#type\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20096\"\u003e#20096\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/523c076866400670fb2192a3f55dbf7ad3469247\"\u003e\u003ccode\u003e523c076\u003c/code\u003e\u003c/a\u003e feat!: drop support for jiti \u0026lt; 2.2.0 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20016\"\u003e#20016\u003c/a\u003e) (michael faith)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/454a292c95f34dad232411ddac06408e6383bb64\"\u003e\u003ccode\u003e454a292\u003c/code\u003e\u003c/a\u003e feat!: update \u003ccode\u003eeslint:recommended\u003c/code\u003e configuration (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20210\"\u003e#20210\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4f880ee02992e1bf0e96ebaba679985e2d1295f1\"\u003e\u003ccode\u003e4f880ee\u003c/code\u003e\u003c/a\u003e feat!: remove \u003ccode\u003ev10_*\u003c/code\u003e and inactive \u003ccode\u003eunstable_*\u003c/code\u003e flags (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20225\"\u003e#20225\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f18115c363a4ac7671a4c7f30ee13d57ebba330f\"\u003e\u003ccode\u003ef18115c\u003c/code\u003e\u003c/a\u003e feat!: \u003ccode\u003eno-shadow-restricted-names\u003c/code\u003e report \u003ccode\u003eglobalThis\u003c/code\u003e by default (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20027\"\u003e#20027\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c6358c31fbd3937b92d89be2618ffdf5a774604e\"\u003e\u003ccode\u003ec6358c3\u003c/code\u003e\u003c/a\u003e feat!: Require Node.js \u003ccode\u003e^20.19.0 || ^22.13.0 || \u0026gt;=24\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20160\"\u003e#20160\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bff9091927811497dbf066b0e3b85ecb37d43822\"\u003e\u003ccode\u003ebff9091\u003c/code\u003e\u003c/a\u003e feat: handle \u003ccode\u003eArray.fromAsync\u003c/code\u003e in \u003ccode\u003earray-callback-return\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20457\"\u003e#20457\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/290c594bb50c439fb71bc75521ee5360daa8c222\"\u003e\u003ccode\u003e290c594\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eself\u003c/code\u003e to \u003ccode\u003eno-implied-eval\u003c/code\u003e rule (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20468\"\u003e#20468\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43677de07ebd6e14bfac40a46ad749ba783c45f2\"\u003e\u003ccode\u003e43677de\u003c/code\u003e\u003c/a\u003e feat: fix handling of function and class expression names in \u003ccode\u003eno-shadow\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20432\"\u003e#20432\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/84fb885d49ac810e79a9491276b4828b53d913e5\"\u003e\u003ccode\u003e84fb885\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1f667344b57c4c09b548d94bcfac1f91b6e5c63d\"\u003e\u003ccode\u003e1f66734\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003eeslint\u003c/code\u003e to \u003ccode\u003epeerDependencies\u003c/code\u003e of \u003ccode\u003e@eslint/js\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20467\"\u003e#20467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f3fbc2f60cbe2c718364feb8c3fc0452c0df3c56\"\u003e\u003ccode\u003ef3fbc2f\u003c/code\u003e\u003c/a\u003e chore: set \u003ccode\u003e@eslint/js\u003c/code\u003e version to 10.0.0 to skip releasing it (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20466\"\u003e#20466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b4b3127f8542c599ce2dea804b6582ebc40c993d\"\u003e\u003ccode\u003eb4b3127\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0b14059491d830a49b3577931f4f68fbcfce6be5\"\u003e\u003ccode\u003e0b14059\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fa31a608901684fbcd9906d1907e66561d16e5aa\"\u003e\u003ccode\u003efa31a60\u003c/code\u003e\u003c/a\u003e feat!: add \u003ccode\u003ename\u003c/code\u003e to configs (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20015\"\u003e#20015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1e2cad5f6fa47ed6ed89d2a29798dda926d50990\"\u003e\u003ccode\u003e1e2cad5\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/454a292c95f34dad232411ddac06408e6383bb64\"\u003e\u003ccode\u003e454a292\u003c/code\u003e\u003c/a\u003e feat!: update \u003ccode\u003eeslint:recommended\u003c/code\u003e configuration (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20210\"\u003e#20210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c6358c31fbd3937b92d89be2618ffdf5a774604e\"\u003e\u003ccode\u003ec6358c3\u003c/code\u003e\u003c/a\u003e feat!: Require Node.js \u003ccode\u003e^20.19.0 || ^22.13.0 || \u0026gt;=24\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20160\"\u003e#20160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint/eslint/commits/v10.0.1/packages/js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@jest/globals` from 30.3.0 to 30.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/releases\"\u003e@​jest/globals's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev30.4.1\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.0\u003c/h2\u003e\n\u003cp\u003eBig release! 😀\u003c/p\u003e\n\u003cp\u003eMain feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work \u003ccode\u003erequire(esm)\u003c/code\u003e module is now supported on Node 24.9+ (still requires \u003ccode\u003e--experimental-vm-modules\u003c/code\u003e like before).\u003c/p\u003e\n\u003cp\u003eIn addition we now support fake timers for the recently released \u003ccode\u003eTemporal\u003c/code\u003e API in Node v26.\u003c/p\u003e\n\u003cp\u003eReact 19 is also supported properly in \u003ccode\u003epretty-format\u003c/code\u003e, meaning snapshots of React components now work like they should.\u003c/p\u003e\n\u003cp\u003eDue to all the changes, there might be regressions that snuck in. Please report them!\u003c/p\u003e\n\u003cp\u003eFull list of changes below\u003c/p\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a user-configured resolver only exports an \u003ccode\u003easync\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16064\"\u003e#16064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Use synchronous \u003ccode\u003eevaluate()\u003c/code\u003e for ES modules without top-level \u003ccode\u003eawait\u003c/code\u003e on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Support \u003ccode\u003erequire()\u003c/code\u003e of ES modules on Node v24.9+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16074\"\u003e#16074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Validate TC39 import attributes (\u003ccode\u003ewith { type: 'json' }\u003c/code\u003e) on ESM imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16127\"\u003e#16127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/transform]\u003c/code\u003e Add \u003ccode\u003ecanTransformSync(filename)\u003c/code\u003e on \u003ccode\u003eScriptTransformer\u003c/code\u003e so callers can pick the sync vs async transform path (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-util]\u003c/code\u003e Add \u003ccode\u003eisError\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16076\"\u003e#16076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[pretty-format]\u003c/code\u003e Support React 19 (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16123\"\u003e#16123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[expect-utils]\u003c/code\u003e Fix \u003ccode\u003etoStrictEqual\u003c/code\u003e failing on \u003ccode\u003estructuredClone\u003c/code\u003e results due to cross-realm constructor mismatch (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15959\"\u003e#15959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/expect-utils]\u003c/code\u003e Prevent \u003ccode\u003etoMatchObject\u003c/code\u003e/subset matching from throwing when encountering exotic iterables (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15952\"\u003e#15952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[fake-timers]\u003c/code\u003e Convert \u003ccode\u003eDate\u003c/code\u003e to milliseconds before passing to \u003ccode\u003e@sinonjs/fake-timers\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16029\"\u003e#16029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest]\u003c/code\u003e Export \u003ccode\u003eGlobalConfig\u003c/code\u003e and \u003ccode\u003eProjectConfig\u003c/code\u003e TypeScript types (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/blob/main/CHANGELOG.md\"\u003e@​jest/globals's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e30.4.1\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e30.4.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a user-configured resolver only exports an \u003ccode\u003easync\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16064\"\u003e#16064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Use synchronous \u003ccode\u003eevaluate()\u003c/code\u003e for ES modules without top-level \u003ccode\u003eawait\u003c/code\u003e on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Support \u003ccode\u003erequire()\u003c/code\u003e of ES modules on Node v24.9+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16074\"\u003e#16074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Validate TC39 import attributes (\u003ccode\u003ewith { type: 'json' }\u003c/code\u003e) on ESM imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16127\"\u003e#16127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/transform]\u003c/code\u003e Add \u003ccode\u003ecanTransformSync(filename)\u003c/code\u003e on \u003ccode\u003eScriptTransformer\u003c/code\u003e so callers can pick the sync vs async transform path (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-util]\u003c/code\u003e Add \u003ccode\u003eisError\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16076\"\u003e#16076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[pretty-format]\u003c/code\u003e Support React 19 (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16123\"\u003e#16123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[expect-utils]\u003c/code\u003e Fix \u003ccode\u003etoStrictEqual\u003c/code\u003e failing on \u003ccode\u003estructuredClone\u003c/code\u003e results due to cross-realm constructor mismatch (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15959\"\u003e#15959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/expect-utils]\u003c/code\u003e Prevent \u003ccode\u003etoMatchObject\u003c/code\u003e/subset matching from throwing when encountering exotic iterables (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15952\"\u003e#15952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[fake-timers]\u003c/code\u003e Convert \u003ccode\u003eDate\u003c/code\u003e to milliseconds before passing to \u003ccode\u003e@sinonjs/fake-timers\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16029\"\u003e#16029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest]\u003c/code\u003e Export \u003ccode\u003eGlobalConfig\u003c/code\u003e and \u003ccode\u003eProjectConfig\u003c/code\u003e TypeScript types (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus]\u003c/code\u003e Prevent crash when \u003ccode\u003easyncError\u003c/code\u003e is undefined for non-Error throws (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16003\"\u003e#16003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-jasmine2]\u003c/code\u003e Include \u003ccode\u003eError.cause\u003c/code\u003e in JSON \u003ccode\u003efailureMessages\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15967\"\u003e#15967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Fix preset path resolution on Windows when the preset uses subpath \u003ccode\u003eexports\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15961\"\u003e#15961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Allow \u003ccode\u003ecollectCoverage\u003c/code\u003e and \u003ccode\u003ecoverageProvider\u003c/code\u003e in project config without a validation warning (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Project config validator now emits \u0026quot;is not supported in an individual project configuration\u0026quot; instead of \u0026quot;probably a typing mistake\u0026quot; for known global-only options (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-environment-node]\u003c/code\u003e Fix \u003ccode\u003e--localstorage-file\u003c/code\u003e warning on Node 25+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16086\"\u003e#16086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-reporters]\u003c/code\u003e Apply global coverage threshold to unmatched pattern files in addition to glob/path thresholds (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16137\"\u003e#16137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-reporters, jest-runner, jest-runtime, jest-transform]\u003c/code\u003e Fix coverage report not showing correct code coverage when using \u003ccode\u003eprojects\u003c/code\u003e config option (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16140\"\u003e#16140\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Resolve \u003ccode\u003eexpect\u003c/code\u003e and \u003ccode\u003e@jest/expect\u003c/code\u003e from the internal module registry so test-file imports share the same \u003ccode\u003eJestAssertionError\u003c/code\u003e as the global \u003ccode\u003eexpect\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16130\"\u003e#16130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Improve CJS-from-ESM interop: \u003ccode\u003e__esModule\u003c/code\u003e/Babel default unwrap, broader named-export coverage, and shared CJS singleton across importers (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Load \u003ccode\u003e.js\u003c/code\u003e files with ESM syntax but no \u003ccode\u003e\u0026quot;type\u0026quot;:\u0026quot;module\u0026quot;\u003c/code\u003e marker as native ESM (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Extend the \u003ccode\u003e.js\u003c/code\u003e-with-ESM-syntax fallback to \u003ccode\u003erequire()\u003c/code\u003e on Node v24.9+ - falls back to \u003ccode\u003erequire(esm)\u003c/code\u003e when the CJS parser rejects ESM syntax (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16078\"\u003e#16078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Fix deadlocks and double-evaluation in concurrent ESM and wasm imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jestjs/jest/commit/b3b4a09ed3005369dacc7466d1d2122797283785\"\u003e\u003ccode\u003eb3b4a09\u003c/code\u003e\u003c/a\u003e v30.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jestjs/jest/commit/5cbb21e0b3037edb42e503ec1a1ce80efad40c20\"\u003e\u003ccode\u003e5cbb21e\u003c/code\u003e\u003c/a\u003e v30.4.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-globals\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@rspack/cli` from 2.0.0 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-infra-dev/rspack/releases\"\u003e@​rspack/cli's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eHighlights 💡\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eInline const with module declarations\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/14032\"\u003e#14032\u003c/a\u003e): Previously, Rspack only inlined constant exports from leaf modules in the module graph. Now constant exports from any module can be inlined, even when that module also imports or re-exports other modules. In rare circular-reference cases this can make a TDZ error disappear, but we do not expect real projects to rely on TDZ errors, so Rspack prioritizes the optimization.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// constants.js\r\nimport './setup';\r\n\u003cp\u003eexport const ENABLE_EXPERIMENT = false;\u003c/p\u003e\n\u003cp\u003e// entry.js\u003cbr /\u003e\nimport { ENABLE_EXPERIMENT } from './constants';\u003c/p\u003e\n\u003cp\u003eif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Before: constants.js is not a leaf module, so the branch could keep\u003cbr /\u003e\n// reading the imported binding.\u003cbr /\u003e\nif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Now: the constant can still be inlined, so dead branches are easier\u003cbr /\u003e\n// to remove.\u003cbr /\u003e\nif (false) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTree shake namespace default reexport\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/13980\"\u003e#13980\u003c/a\u003e): Previously, the \u003ccode\u003eimport * as a from './a'; export default a;\u003c/code\u003e pattern did not tree-shake \u003ccode\u003ea\u003c/code\u003e through the default export. Now Rspack further analyzes the default-exported namespace object and can remove unused exports from the original namespace module.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// a.js\r\nexport function used() {}\r\nexport function unused() {}\r\n\u003cp\u003e// bridge.js\u003cbr /\u003e\nimport * as a from './a';\u003cbr /\u003e\nexport default a;\u003c/p\u003e\n\u003cp\u003e// app.js\u003cbr /\u003e\nimport a from './bridge';\u003c/p\u003e\n\u003cp\u003ea.used();\u003c/p\u003e\n\u003cp\u003e// Before: both used and unused could be kept in the bundle.\u003cbr /\u003e\n// Now: unused can be tree-shaken.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/744af1e2015af1d84b2152b6029a158b1b8111e9\"\u003e\u003ccode\u003e744af1e\u003c/code\u003e\u003c/a\u003e chore: release v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c9e86b82f160eba29f6301dd8991b9761d5d44d0\"\u003e\u003ccode\u003ec9e86b8\u003c/code\u003e\u003c/a\u003e perf(cli): lazy load json stream helpers (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14079\"\u003e#14079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c0db17f3ac956fca0c0026a793b726d31c881afb\"\u003e\u003ccode\u003ec0db17f\u003c/code\u003e\u003c/a\u003e docs(cli): update cli option descriptions (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14071\"\u003e#14071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/361ecded84485d16477e5f7e15b836af4b1bdc6b\"\u003e\u003ccode\u003e361ecde\u003c/code\u003e\u003c/a\u003e fix(cli): remove process title startup overhead (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14061\"\u003e#14061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9a2ef243830e910ecea0092a77dad1c83a1f1b3a\"\u003e\u003ccode\u003e9a2ef24\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14055\"\u003e#14055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/3c6700cddb9ace71b1864c45f3421ef427867bad\"\u003e\u003ccode\u003e3c6700c\u003c/code\u003e\u003c/a\u003e fix(cli): write logger trace output to file by default (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14022\"\u003e#14022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/dfcccd6e34f2a0558b90f42d826840bb3d05ce64\"\u003e\u003ccode\u003edfcccd6\u003c/code\u003e\u003c/a\u003e chore: release version 2.0.3 (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14015\"\u003e#14015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/ed2742a992ca46625fa1a565cda34c9a17e1c516\"\u003e\u003ccode\u003eed2742a\u003c/code\u003e\u003c/a\u003e chore: enable tsgo for dts generation (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13952\"\u003e#13952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/399819617ef19514767979e8d83c1244e6e77b59\"\u003e\u003ccode\u003e3998196\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13959\"\u003e#13959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/45e3a8a7f2c6f623d4b14f49d5ff28dbf6a26799\"\u003e\u003ccode\u003e45e3a8a\u003c/code\u003e\u003c/a\u003e chore: enable Rslint for more packages and fix lint issues (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13934\"\u003e#13934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/web-infra-dev/rspack/commits/v2.0.4/packages/rspack-cli\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@rspack/core` from 1.7.11 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-infra-dev/rspack/releases\"\u003e@​rspack/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eHighlights 💡\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eInline const with module declarations\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/14032\"\u003e#14032\u003c/a\u003e): Previously, Rspack only inlined constant exports from leaf modules in the module graph. Now constant exports from any module can be inlined, even when that module also imports or re-exports other modules. In rare circular-reference cases this can make a TDZ error disappear, but we do not expect real projects to rely on TDZ errors, so Rspack prioritizes the optimization.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// constants.js\r\nimport './setup';\r\n\u003cp\u003eexport const ENABLE_EXPERIMENT = false;\u003c/p\u003e\n\u003cp\u003e// entry.js\u003cbr /\u003e\nimport { ENABLE_EXPERIMENT } from './constants';\u003c/p\u003e\n\u003cp\u003eif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Before: constants.js is not a leaf module, so the branch could keep\u003cbr /\u003e\n// reading the imported binding.\u003cbr /\u003e\nif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Now: the constant can still be inlined, so dead branches are easier\u003cbr /\u003e\n// to remove.\u003cbr /\u003e\nif (false) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTree shake namespace default reexport\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/13980\"\u003e#13980\u003c/a\u003e): Previously, the \u003ccode\u003eimport * as a from './a'; export default a;\u003c/code\u003e pattern did not tree-shake \u003ccode\u003ea\u003c/code\u003e through the default export. Now Rspack further analyzes the default-exported namespace object and can remove unused exports from the original namespace module.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// a.js\r\nexport function used() {}\r\nexport function unused() {}\r\n\u003cp\u003e// bridge.js\u003cbr /\u003e\nimport * as a from './a';\u003cbr /\u003e\nexport default a;\u003c/p\u003e\n\u003cp\u003e// app.js\u003cbr /\u003e\nimport a from './bridge';\u003c/p\u003e\n\u003cp\u003ea.used();\u003c/p\u003e\n\u003cp\u003e// Before: both used and unused could be kept in the bundle.\u003cbr /\u003e\n// Now: unused can be tree-shaken.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/744af1e2015af1d84b2152b6029a158b1b8111e9\"\u003e\u003ccode\u003e744af1e\u003c/code\u003e\u003c/a\u003e chore: release v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/eb7ba47dc3eb628bb7f05eafe808d04cbba2b16b\"\u003e\u003ccode\u003eeb7ba47\u003c/code\u003e\u003c/a\u003e fix: keep buildHttp imports bundled for node target (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14086\"\u003e#14086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9ceba096132b2f21a6acd2c8432b9ad22a8111cc\"\u003e\u003ccode\u003e9ceba09\u003c/code\u003e\u003c/a\u003e feat: circular modules info plugin (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14031\"\u003e#14031\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c7353bc21c8b83f296003d2b2e10f709ed6416b2\"\u003e\u003ccode\u003ec7353bc\u003c/code\u003e\u003c/a\u003e feat(css): support CSS module local ident options (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14009\"\u003e#14009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9a2ef243830e910ecea0092a77dad1c83a1f1b3a\"\u003e\u003ccode\u003e9a2ef24\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14055\"\u003e#14055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/f5cdf195870dd7f38c2644899806dbda3a6f5758\"\u003e\u003ccode\u003ef5cdf19\u003c/code\u003e\u003c/a\u003e feat(css): add support for css/global module type (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13988\"\u003e#13988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/3c6700cddb9ace71b1864c45f3421ef427867bad\"\u003e\u003ccode\u003e3c6700c\u003c/code\u003e\u003c/a\u003e fix(cli): write logger trace output to file by default (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14022\"\u003e#14022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/dfcccd6e34f2a0558b90f42d826840bb3d05ce64\"\u003e\u003ccode\u003edfcccd6\u003c/code\u003e\u003c/a\u003e chore: release version 2.0.3 (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14015\"\u003e#14015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/625d72955333cfccc518e3f41346f630893de2aa\"\u003e\u003ccode\u003e625d729\u003c/code\u003e\u003c/a\u003e feat: support import.meta.rspackRsc (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13840\"\u003e#13840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/eae2abdfc4370bdcffca36463e888705063a49ab\"\u003e\u003ccode\u003eeae2abd\u003c/code\u003e\u003c/a\u003e feat(externals): add modern-module externals type (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13861\"\u003e#13861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/web-infra-dev/rspack/commits/v2.0.4/packages/rspack\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 20.19.39 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 9.39.4 to 10.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1a45ec596af1dd5f880e6874cb8f24dafb6a7ecf\"\u003e\u003ccode\u003e1a45ec5\u003c/code\u003e\u003c/a\u003e feat: check sequence expressions in \u003ccode\u003efor-direction\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20701\"\u003e#20701\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/450040bd89b989b3531824c6be45feb5fe3d936b\"\u003e\u003ccode\u003e450040b\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eincludeIgnoreFile()\u003c/code\u003e to \u003ccode\u003eeslint/config\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20735\"\u003e#20735\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6799431203f2579632d0870f98ba132067f4040c\"\u003e\u003ccode\u003e6799431\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-helpers\u003c/code\u003e to ^0.6.0 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20850\"\u003e#20850\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f078fef5005dceb14fc162aab7c7200e027688dd\"\u003e\u003ccode\u003ef078fef\u003c/code\u003e\u003c/a\u003e fix: handle non-array deprecated rule replacements (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20825\"\u003e#20825\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e) (Pavel)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9cc73875046e3c4b8313644cbb1e99e26b36bd3f\"\u003e\u003ccode\u003e9cc7387\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3d7b5484407403817aa9071a394d336d8ea96eb5\"\u003e\u003ccode\u003e3d7b548\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/191ec3c0a3f94ce0f110df761f0b2b8949011ccb\"\u003e\u003ccode\u003e191ec3c\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6616856f28fa514a30f87b5539fc100d739a94bf\"\u003e\u003ccode\u003e6616856\u003c/code\u003e\u003c/a\u003e chore: upgrade knip to v6 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20875\"\u003e#20875\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d13b084a3ad02f926e9addaa35fc383759ea5554\"\u003e\u003ccode\u003ed13b084\u003c/code\u003e\u003c/a\u003e ci: ensure auto-created PRs run CI (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20860\"\u003e#20860\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e71c7af86dce9acc1d18cb12d2184309f6841594\"\u003e\u003ccode\u003ee71c7af\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20862\"\u003e#20862\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84393dea170f54191fd20c8268b52c81c0ccd99\"\u003e\u003ccode\u003ed84393d\u003c/code\u003e\u003c/a\u003e test: add unit tests for SuppressionsService.applySuppressions() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20863\"\u003e#20863\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/24db8cb8e6f07fba667121777a15b1785486be94\"\u003e\u003ccode\u003e24db8cb\u003c/code\u003e\u003c/a\u003e test: add tests for SuppressionsService.save() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20802\"\u003e#20802\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ef0549cac4a9537e4c3a26b9f3edd4c99476bf6\"\u003e\u003ccode\u003e2ef0549\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20857\"\u003e#20857\u003c/a\u003e) (github-actions[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a4297918d264d229a06cd96051ef9b91c7b86732\"\u003e\u003ccode\u003ea429791\u003c/code\u003e\u003c/a\u003e ci: remove \u003ccode\u003eeslint-webpack-plugin\u003c/code\u003e types integration test (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20668\"\u003e#20668\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9e37386aa7f2ce220b2ef74a6afbac5f6b3527c5\"\u003e\u003ccode\u003e9e37386\u003c/code\u003e\u003c/a\u003e chore: replace \u003ccode\u003erecast\u003c/code\u003e with range approach in code-sample-minimizer (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20682\"\u003e#20682\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0dd1f9ffc9a07704d46e2a4c8d4ccc0d0908b0c0\"\u003e\u003ccode\u003e0dd1f9f\u003c/code\u003e\u003c/a\u003e test: disable warning for \u003ccode\u003evm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20845\"\u003e#20845\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9da3c7bc92d9579f8db19ecb56e718538d09db2b\"\u003e\u003ccode\u003e9da3c7b\u003c/code\u003e\u003c/a\u003e refactor: remove deprecated \u003ccode\u003emeta.language\u003c/code\u003e and migrate \u003ccode\u003emeta.dialects\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20716\"\u003e#20716\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2099ed12a0a74c3d7f0808514362af2499b4fe2b\"\u003e\u003ccode\u003e2099ed1\u003c/code\u003e\u003c/a\u003e refactor: add \u003ccode\u003emeta.defaultOptions\u003c/code\u003e to more rules, enable linting (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20800\"\u003e#20800\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f1dfbc9ca57196de7092e1888cc99427bd6fe06e\"\u003e\u003ccode\u003ef1dfbc9\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20836\"\u003e#20836\u003c/a\u003e) (github-actions[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c75941390c14728806cd4baef4f6072f6de78318\"\u003e\u003ccode\u003ec759413\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20843\"\u003e#20843\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5b817d6fdc9ae2c35b528dc662b2eca8f40f64aa\"\u003e\u003ccode\u003e5b817d6\u003c/code\u003e\u003c/a\u003e test: add unit tests for lib/shared/ast-utils (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20838\"\u003e#20838\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1c13ae3934c198c494e5958fa3a68b33244ff06a\"\u003e\u003ccode\u003e1c13ae3\u003c/code\u003e\u003c/a\u003e test: add unit tests for lib/shared/severity (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20835\"\u003e#20835\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.3.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/379571a975f2b24d88037b9de2e72ec61d004130\"\u003e\u003ccode\u003e379571a\u003c/code\u003e\u003c/a\u003e feat: add suggestions for no-unused-private-class-members (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20773\"\u003e#20773\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b6ae5cf07b9b51802367539cb24b245b61eaa37c\"\u003e\u003ccode\u003eb6ae5cf\u003c/code\u003e\u003c/a\u003e fix: handle unavailable require cache (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20812\"\u003e#20812\u003c/a\u003e) (Simon Podlipsky)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6fb3685bcbe9a6f72fd7dfb9129686b6fb96b0bd\"\u003e\u003ccode\u003e6fb3685\u003c/code\u003e\u003c/a\u003e fix: rule suggestions cause continuation in class body (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20787\"\u003e#20787\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/32cc7ab4ec653ce89da92deb5c40a9f4fc707fe5\"\u003e\u003ccode\u003e32cc7ab\u003c/code\u003e\u003c/a\u003e docs: fix typos in docs and comments (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20809\"\u003e#20809\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7f479376a2fa463d823ab762db6bb37ce8d2ee8f\"\u003e\u003ccode\u003e7f47937\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d32235ec19ceea211fa86452afa383ca05f5c2f9\"\u003e\u003ccode\u003ed32235e\u003c/code\u003e\u003c/a\u003e ci: use pnpm in \u003ccode\u003eeslint-flat-config-utils\u003c/code\u003e type integration test (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20826\"\u003e#20826\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3ffb14ea517de750ed1181579ef844af342e4096\"\u003e\u003ccode\u003e3ffb14e\u003c/code\u003e\u003c/a\u003e chore: clean up typos in comments and JSDoc (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20821\"\u003e#20821\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/452c4010c07dc2e36fe6ec6a8c48298878e86887\"\u003e\u003ccode\u003e452c401\u003c/code\u003e\u003c/a\u003e 10.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b6417e8b55c9525070d6e168b485ce6ff21688ed\"\u003e\u003ccode\u003eb6417e8\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6616856f28fa514a30f87b5539fc100d739a94bf\"\u003e\u003ccode\u003e6616856\u003c/code\u003e\u003c/a\u003e chore: upgrade knip to v6 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20875\"\u003e#20875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d13b084a3ad02f926e9addaa35fc383759ea5554\"\u003e\u003ccode\u003ed13b084\u003c/code\u003e\u003c/a\u003e ci: ensure auto-created PRs run CI (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20860\"\u003e#20860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e71c7af86dce9acc1d18cb12d2184309f6841594\"\u003e\u003ccode\u003ee71c7af\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20862\"\u003e#20862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84393dea170f54191fd20c8268b52c81c0ccd99\"\u003e\u003ccode\u003ed84393d\u003c/code\u003e\u003c/a\u003e test: add unit tests for SuppressionsService.applySuppressions() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20863\"\u003e#20863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v9.39.4...v10.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `globals` from 15.15.0 to 17.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/globals/releases\"\u003eglobals's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev17.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-05-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/343\"\u003e#343\u003c/a\u003e)  00a4dd9\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.5.0...v17.6.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.5.0...v17.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-04-12) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/342\"\u003e#342\u003c/a\u003e)  5d84602\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.4.0...v17.5.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.4.0...v17.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-03-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/338\"\u003e#338\u003c/a\u003e)  d43a051\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.3.0...v17.4.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.3.0...v17.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-02-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/336\"\u003e#336\u003c/a\u003e)  295fba9\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ejasmine\u003c/code\u003e: Add \u003ccode\u003ethrowUnless\u003c/code\u003e and \u003ccode\u003ethrowUnlessAsync\u003c/code\u003e globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/335\"\u003e#335\u003c/a\u003e)  97f23a7\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewebpack\u003c/code\u003e and \u003ccode\u003erspack\u003c/code\u003e globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/333\"\u003e#333\u003c/a\u003e)  65cae73\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.0.0...v17.1.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.0.0...v17.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSplit \u003ccode\u003eaudioWorklet\u003c/code\u003e environment from \u003ccode\u003ebrowser\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/320\"\u003e#320\u003c/a\u003e)  7bc293e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/329\"\u003e#329\u003c/a\u003e)  ebe1063\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/6b15870f1c08b60b5b57afe45a703d9ed0be39bc\"\u003e\u003ccode\u003e6b15870\u003c/code\u003e\u003c/a\u003e 17.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/00a4dd9821830a9b044798120e86b1bb1a54648d\"\u003e\u003ccode\u003e00a4dd9\u003c/code\u003e\u003c/a\u003e Update globals (2026-05-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/b8170c8e1d648291b613c5b39a69652c796fa36c\"\u003e\u003ccode\u003eb8170c8\u003c/code\u003e\u003c/a\u003e 17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/5d846029679832931f38ced6381cc95bcb9abd80\"\u003e\u003ccode\u003e5d84602\u003c/code\u003e\u003c/a\u003e Update globals (2026-04-12) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/342\"\u003e#342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/1b727e5f4cc39121b8e77b9f27574a8ca27391fc\"\u003e\u003ccode\u003e1b727e5\u003c/code\u003e\u003c/a\u003e Fix build script for ES globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/a9cfd7493fb701474d4dc946283c7b9d63d64134\"\u003e\u003ccode\u003ea9cfd74\u003c/code\u003e\u003c/a\u003e 17.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/d43a051c48fbb8c549bb98a7cf294ba84680a7a1\"\u003e\u003ccode\u003ed43a051\u003c/code\u003e\u003c/a\u003e Update globals (2026-03-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/338\"\u003e#338\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/5edc6020698a76964b0fa17cb604f4484451143b\"\u003e\u003ccode\u003e5edc602\u003c/code\u003e\u003c/a\u003e 17.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/295fba929adf8b44f945688233778a57ff754368\"\u003e\u003ccode\u003e295fba9\u003c/code\u003e\u003c/a\u003e Update globals (2026-02-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/336\"\u003e#336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/8176ac7290e6eb0be1403b80a4184651c4cd95f6\"\u003e\u003ccode\u003e8176ac7\u003c/code\u003e\u003c/a\u003e 17.2.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/globals/compare/v15.15.0...v17.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jest` from 30.3.0 to 30.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/releases\"\u003ejest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev30.4.2\u003c/h2\u003e\n\u003ch1\u003eFixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Fix named imports from CJS modules whose \u003ccode\u003emodule.exports\u003c/code\u003e is a function with own-property exports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16150\"\u003e#16150\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.1...v30.4.2\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.1...v30.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.1\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.0\u003c/h2\u003e\n\u003cp\u003eBig release! 😀\u003c/p\u003e\n\u003cp\u003eMain feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work \u003ccode\u003erequire(esm)\u003c/code\u003e module is now supported on Node 24.9+ (still requires \u003ccode\u003e--experimental-vm-modules\u003c/code\u003e like before).\u003c/p\u003e\n\u003cp\u003eIn addition we now support fake timers for the recently released \u003ccode\u003eTemporal\u003c/code\u003e API in Node v26.\u003c/p\u003e\n\u003cp\u003eReact 19 is also supported properly in \u003ccode\u003epretty-format\u003c/code\u003e, meaning snapshots of React components now work like they should.\u003c/p\u003e\n\u003cp\u003eDue to all the changes, there might be regressions that snuck in. Please report them!\u003c/p\u003e\n\u003cp\u003eFull list of changes below\u003c/p\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a use...\n\n_Description has been truncated_","html_url":"https://github.com/bsv-blockchain/ts-stack/pull/149","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bsv-blockchain%2Fts-stack/issues/149","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/149/packages"},{"uuid":"4497400411","node_id":"PR_kwDONS61ns7eFGm-","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T01:23:23.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T19:37:08.000Z","updated_at":"2026-05-22T01:23:25.000Z","time_to_close":20775,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"qs","old_version":"6.11.0","new_version":"6.14.2","repository_url":"https://github.com/ljharb/qs"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ejs","old_version":"2.7.4","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"},{"name":"jquery","old_version":"2.2.4","new_version":"4.0.0","repository_url":"https://github.com/jquery/jquery"},{"name":"jquery-ui","old_version":"1.10.5","new_version":"1.13.2","repository_url":"https://github.com/jquery/jquery-ui"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /benchmarks/fixtures/alotta-files directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 2 updates in the /benchmarks/fixtures/medium-size-app directory: [axios](https://github.com/axios/axios) and [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware).\nBumps the npm_and_yarn group with 6 updates in the /src/.tmp/npm/alotta-files directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.14.2` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ejs](https://github.com/mde/ejs) | `2.7.4` | `5.0.2` |\n| [jquery](https://github.com/jquery/jquery) | `2.2.4` | `4.0.0` |\n| [jquery-ui](https://github.com/jquery/jquery-ui) | `1.10.5` | `1.13.2` |\n\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.16.2 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.16.2...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `http-proxy-middleware` from 0.17.4 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases\"\u003ehttp-proxy-middleware's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSwitched proxy from \u003ccode\u003ehttp-proxy\u003c/code\u003e to \u003ccode\u003ehttpxy\u003c/code\u003e ✨ (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1160\"\u003echimurai/http-proxy-middleware#1160\u003c/a\u003e)\nThis replaces a long-standing core dependency and brings in many upstream fixes and behavior improvements documented by the \u003ccode\u003ehttpxy\u003c/code\u003e project: \u003ca href=\"https://redirect.github.com/unjs/httpxy/issues/2\"\u003eunjs/httpxy#2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emany fixes: \u003ca href=\"https://github.com/unjs/httpxy/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aclosed\"\u003ehttps://github.com/unjs/httpxy/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aclosed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehttp/2 support: \u003ca href=\"https://redirect.github.com/unjs/httpxy/pull/102\"\u003eunjs/httpxy#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperformance: \u003ca href=\"https://redirect.github.com/unjs/httpxy/pull/124\"\u003eunjs/httpxy#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eESM-only package [BREAKING CHANGE] 💣\n\u003ccode\u003ehttp-proxy-middleware\u003c/code\u003e now ships as native ES modules only. CommonJS \u003ccode\u003erequire()\u003c/code\u003e usage is no longer supported, so imports should use ESM syntax.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated Node.js support policy [BREAKING CHANGE] 💣\nDropped Node.js 14, 16, 18, and 20.\nNew minimum supported runtime is Node.js 22.15.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved \u003ccode\u003elegacyCreateProxyMiddleware()\u003c/code\u003e [BREAKING CHANGE] 💣\nThe legacy compatibility wrapper has been removed as part of API cleanup. Use \u003ccode\u003ecreateProxyMiddleware()\u003c/code\u003e directly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded IPv6 literal support ✨\n\u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003eforward\u003c/code\u003e now support literal IPv6 URLs, for example: \u003ccode\u003ehttp://[::1]:3000\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental Hono support 🧪\nAdded \u003ccode\u003ecreateHonoProxyMiddleware()\u003c/code\u003e for Hono apps, including dedicated subpath support via \u003ccode\u003ehttp-proxy-middleware/hono\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMany thanks to everyone who helped make this release possible. 🙏\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(types): fix Logger type by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1104\"\u003echimurai/http-proxy-middleware#1104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support text/plain by \u003ca href=\"https://github.com/knudtty\"\u003e\u003ccode\u003e@​knudtty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1103\"\u003echimurai/http-proxy-middleware#1103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): bump deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1105\"\u003echimurai/http-proxy-middleware#1105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(prettier): improve prettier setup by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1108\"\u003echimurai/http-proxy-middleware#1108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): fix punycode node deprecation warning by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1109\"\u003echimurai/http-proxy-middleware#1109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): bump deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1110\"\u003echimurai/http-proxy-middleware#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(codespaces): add devcontainer.json by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1112\"\u003echimurai/http-proxy-middleware#1112\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev dependencies by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1116\"\u003echimurai/http-proxy-middleware#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(github-action): ci.yml add node v24 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1117\"\u003echimurai/http-proxy-middleware#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev dependencies by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1118\"\u003echimurai/http-proxy-middleware#1118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): upgrade to jest v30 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1122\"\u003echimurai/http-proxy-middleware#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): upgrade deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1124\"\u003echimurai/http-proxy-middleware#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): update dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1125\"\u003echimurai/http-proxy-middleware#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(websocket): fix ws import by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1126\"\u003echimurai/http-proxy-middleware#1126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(refactor): use \u003ccode\u003enode:\u003c/code\u003e protocol imports by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1127\"\u003echimurai/http-proxy-middleware#1127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(node24): pin node24 due to TLS issue with mockttp by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1137\"\u003echimurai/http-proxy-middleware#1137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(recipes/pathRewrite.md): fix comment by \u003ca href=\"https://github.com/DEBargha2004\"\u003e\u003ccode\u003e@​DEBargha2004\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1135\"\u003echimurai/http-proxy-middleware#1135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1138\"\u003echimurai/http-proxy-middleware#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/checkout action to v5 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1140\"\u003echimurai/http-proxy-middleware#1140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(error-response-plugin): sanitize input by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1141\"\u003echimurai/http-proxy-middleware#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package.json): update dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1143\"\u003echimurai/http-proxy-middleware#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md\"\u003ehttp-proxy-middleware's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v4.0.0\"\u003ev4.0.0\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(types): fix Logger type\u003c/li\u003e\n\u003cli\u003efix(error-response-plugin): sanitize input\u003c/li\u003e\n\u003cli\u003efeat: drop node v14/v16/v18 [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003erefactor: replace http-proxy w/ httpxy\u003c/li\u003e\n\u003cli\u003echore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003eci: migrate from jest to vitest\u003c/li\u003e\n\u003cli\u003echore(package.json): esm only [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003echore(package.json): bump to httpxy 0.5.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1183\"\u003e#1183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(package.json): drop node20 [BREAKING CHANGE] (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1179\"\u003e#1179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor: remove deprecated url.parse() (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1176\"\u003e#1176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support content-encoding on request body (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1142\"\u003e#1142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: prevent TypeError when ws enabled but server is undefined (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1163\"\u003e#1163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: applyPathRewrite logs old req.url instead of rewritten path (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1157\"\u003e#1157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): support for hono with createHonoProxyMiddleware\u003c/li\u003e\n\u003cli\u003efeat(ipv6): support literal IPv6 addresses in \u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003eforward\u003c/code\u003e options (ie. \u0026quot;http://[::1]:8000\u0026quot;)\u003c/li\u003e\n\u003cli\u003echore(package.json): bump httpxy to ^0.5.1\u003c/li\u003e\n\u003cli\u003efix(logger-plugin): support ipv6 host and handle undefined protocol/host\u003c/li\u003e\n\u003cli\u003eci(publish.yml): pin github.triggering_actor\u003c/li\u003e\n\u003cli\u003echore(package.json): node ^22.15.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor(package): subpath 'http-proxy-middleware/hono' (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1220\"\u003e#1220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: node 26 support\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.5\"\u003ev3.0.5\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(fixRequestBody): check readableLength (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.4\"\u003ev3.0.4\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(fixRequestBody): handle invalid request (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): prevent multiple .write() calls (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1089\"\u003e#1089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(websocket): handle errors in handleUpgrade (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/823\"\u003e#823\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci(package): patch http-proxy (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1084\"\u003e#1084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support multipart/form-data (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/896\"\u003e#896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(types): export Plugin type (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1071\"\u003e#1071\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.3\"\u003ev3.0.3\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(pathFilter): handle errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.2\"\u003ev3.0.2\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(dependency): replace is-plain-obj with is-plain-object (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1031\"\u003e#1031\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(package): upgrade to eslint v9 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1032\"\u003e#1032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(logger-plugin): handle undefined protocol and hostname (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1036\"\u003e#1036\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.1\"\u003ev3.0.1\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(type): fix RequestHandler return type (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/980\"\u003e#980\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/8f356bcb5fce079460564f729da55814363361a6\"\u003e\u003ccode\u003e8f356bc\u003c/code\u003e\u003c/a\u003e chore(package.json): v4.0.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1225\"\u003e#1225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/7d7f9b05240b6321e24d0fe47e220dcd5ff28985\"\u003e\u003ccode\u003e7d7f9b0\u003c/code\u003e\u003c/a\u003e chore: node 26 support (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1224\"\u003e#1224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/9a1cdb5c1759496d040c1a792e33e5790f1baf5c\"\u003e\u003ccode\u003e9a1cdb5\u003c/code\u003e\u003c/a\u003e docs: minor documentation fixes (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1223\"\u003e#1223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/c03926df4633b042726cd8392be6e705c606b59f\"\u003e\u003ccode\u003ec03926d\u003c/code\u003e\u003c/a\u003e docs: update http-proxy references to httpxy (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1222\"\u003e#1222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/f8ecd6d2c6abe683f4f1cc5377fb93dfe9b1e145\"\u003e\u003ccode\u003ef8ecd6d\u003c/code\u003e\u003c/a\u003e chore(package.json): v4.0.0-beta.6 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1221\"\u003e#1221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/08c5248718263f19a3da7bc912df4b71487ac7c5\"\u003e\u003ccode\u003e08c5248\u003c/code\u003e\u003c/a\u003e refactor(package): subpath 'http-proxy-middleware/hono' (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1220\"\u003e#1220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/a0fed537e64e951c16ffeb57721ac7d37686f362\"\u003e\u003ccode\u003ea0fed53\u003c/code\u003e\u003c/a\u003e chore(package.json): node ^22.15.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/2c6768b08b82360fa1ce4df8e43b2883d60f8ef9\"\u003e\u003ccode\u003e2c6768b\u003c/code\u003e\u003c/a\u003e chore(package.json): remove patch-package (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1217\"\u003e#1217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/339f09ede860197807d4fd99ed9020fa5d0bd358\"\u003e\u003ccode\u003e339f09e\u003c/code\u003e\u003c/a\u003e ci(publish.yml): pin github.triggering_actor (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/dcacc02137d3864b3694d1f01154f1a1ddd14736\"\u003e\u003ccode\u003edcacc02\u003c/code\u003e\u003c/a\u003e fix(logger-plugin): support ipv6 host and handle undefined protocol/host (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1215\"\u003e#1215\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/compare/v0.17.4...v4.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for http-proxy-middleware since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.0...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=...\n\n_Description has been truncated_","html_url":"https://github.com/deleonio/pnpm.io/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/deleonio%2Fpnpm.io/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4482539461","node_id":"PR_kwDOShefoc7dU6rk","number":6,"state":"open","title":"Bump ejs from 3.1.10 to 5.0.2","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T02:07:43.000Z","updated_at":"2026-05-20T02:07:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.10","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.10 to 5.0.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.10...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.10\u0026new-version=5.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/bicilique/devsecops-web-monolith-demo/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bicilique%2Fdevsecops-web-monolith-demo/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4474531273","node_id":"PR_kwDOShisVs7c7DPE","number":1,"state":"open","title":"Bump ejs from 3.1.6 to 3.1.10 in /frontend","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T04:58:02.000Z","updated_at":"2026-05-19T04:58:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"}],"path":"/frontend","ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 3.1.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.6\u0026new-version=3.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SQLtattoo/SQLtattoo-GH500-class-demos/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/SQLtattoo/SQLtattoo-GH500-class-demos/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SQLtattoo%2FSQLtattoo-GH500-class-demos/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4474378598","node_id":"PR_kwDOShiPts7c6jDE","number":15,"state":"open","title":"Bump ejs from 3.1.6 to 5.0.2 in /frontend","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T04:25:05.000Z","updated_at":"2026-05-19T04:25:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.6","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"}],"path":"/frontend","ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 5.0.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.6\u0026new-version=5.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/SQLtattoo/GH500-class-demos/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SQLtattoo%2FGH500-class-demos/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4465981351","node_id":"PR_kwDOKAOxoM7cfc7L","number":10,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T03:15:23.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T03:11:33.000Z","updated_at":"2026-05-18T03:15:25.000Z","time_to_close":230,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"axios","old_version":"1.4.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"firebase","old_version":"10.1.0","new_version":"10.9.0","repository_url":"https://github.com/firebase/firebase-js-sdk"},{"name":"@adobe/css-tools","old_version":"4.2.0","new_version":"4.4.4","repository_url":"https://github.com/adobe/css-tools"},{"name":"@babel/helpers","old_version":"7.22.6","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.22.8","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"cross-spawn","old_version":"6.0.5","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"body-parser","old_version":"1.20.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"elliptic","old_version":"6.5.4","new_version":"removed","repository_url":"https://github.com/indutny/elliptic"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"nanoid","old_version":"3.3.6","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"rollup","old_version":"2.79.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.88.2","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-dev-middleware","old_version":"5.3.3","new_version":"5.3.4","repository_url":"https://github.com/webpack/webpack-dev-middleware"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.4.0` | `1.15.2` |\n| [firebase](https://github.com/firebase/firebase-js-sdk) | `10.1.0` | `10.9.0` |\n| [@adobe/css-tools](https://github.com/adobe/css-tools) | `4.2.0` | `4.4.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.6` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.22.8` | `7.29.0` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `7.0.6` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `removed` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.12` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.106.2` |\n| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |\n\n\nUpdates `axios` from 1.4.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.4.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `firebase` from 10.1.0 to 10.9.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/1eb302f5af15ae4e975d1989e489e3b119665271\"\u003e\u003ccode\u003e1eb302f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8063\"\u003e#8063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b49886710ea2c49163f8840924abbc01ad729da2\"\u003e\u003ccode\u003eb498867\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/ce88e71e738ac7bb2cd5d63e4e314e2de82f72ef\"\u003e\u003ccode\u003ece88e71\u003c/code\u003e\u003c/a\u003e snapshot listeners source from cache (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/7982\"\u003e#7982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/6d487d7dee631498bed1aeccbb45d8f14ae911d1\"\u003e\u003ccode\u003e6d487d7\u003c/code\u003e\u003c/a\u003e Prevent using authTokenSyncURL if the string begins with a double slash (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8060\"\u003e#8060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b4d59d6659a1b6fb1d5a38c697668f2a2b4f030d\"\u003e\u003ccode\u003eb4d59d6\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/2b22838aa2c7ccec480b26c9702bbb98a0778250\"\u003e\u003ccode\u003e2b22838\u003c/code\u003e\u003c/a\u003e Fix glob pattern to work with Node 20 and its NPM version (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8059\"\u003e#8059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/feb5038e51bac1a4a90ef0bcc1db27770480fa48\"\u003e\u003ccode\u003efeb5038\u003c/code\u003e\u003c/a\u003e Update CI node.js versions to 20.x (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8055\"\u003e#8055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/245dd26e19b6c16aca7e1b7e597ed5784c2984ba\"\u003e\u003ccode\u003e245dd26\u003c/code\u003e\u003c/a\u003e Enforce authTokenSyncURL being a path and not a url. (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8056\"\u003e#8056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/e60188d47f59d00f7faf7ebb2c0d8e338014a0f8\"\u003e\u003ccode\u003ee60188d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8046\"\u003e#8046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/7e2efbf4e552d7e0534e49d1638af87aeb064545\"\u003e\u003ccode\u003e7e2efbf\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/firebase/firebase-js-sdk/compare/firebase@10.1.0...firebase@10.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@adobe/css-tools` from 4.2.0 to 4.4.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/adobe/css-tools/blob/main/docs/CHANGELOG.md\"\u003e@​adobe/css-tools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.4.4] - 2025-07-22\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch from yarn to npm for package management\u003c/li\u003e\n\u003cli\u003eSwitch from eslint to biome for code formatting and linting\u003c/li\u003e\n\u003cli\u003eReformat codebase to comply with biome recommendations\u003c/li\u003e\n\u003cli\u003eSwitch from webpack to rollup for bundling\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix module exports to ensure proper compatibility with bundlers\u003c/li\u003e\n\u003cli\u003eAdd validation check to prevent future export issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.3] - 2025-05-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix polynomial regular expression vulnerability on uncontrolled data\u003c/li\u003e\n\u003cli\u003eRefactor code to enable GitHub security static analysis\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove parsing performance with minor optimizations\u003c/li\u003e\n\u003cli\u003eReplace regex patterns with string search (indexOf-based) for better performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new utility functions with comprehensive unit tests\u003c/li\u003e\n\u003cli\u003eAdd improved formatting for CSS Grid template areas (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/283\"\u003e#283\u003c/a\u003e by \u003ca href=\"https://github.com/jogibear9988\"\u003e\u003ccode\u003e@​jogibear9988\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix TypeScript error with ConstructorParameters in Parcel bundler (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.2] - 2025-02-12\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix regular expression for parsing quoted values in parentheses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.0] - 2024-06-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for CSS \u003ccode\u003e@starting-style\u003c/code\u003e at-rule (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/319\"\u003e#319\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.3] - 2024-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate package export configuration (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/271\"\u003e#271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.2] - 2023-11-28\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix ReDoS vulnerability with crafted CSS strings - CVE-2023-48631\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/adobe/css-tools/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.22.6 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.22.8 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.8.21 to 1.9.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could rarely cause connection leaks (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2644\"\u003e#2644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients to go IDLE incorrectly some time after calling \u003ccode\u003ewaitForReady\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause the Node process to close early when establishing a connection while a request is pending (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2626\"\u003e#2626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause connectivity state information to become stale in some circumstances (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2623\"\u003e#2623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2618\"\u003e#2618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide the correct port to the proxy when connecting to a target without an explicitly specified port (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2608\"\u003e#2608\u003c/a\u003e contributed by \u003ca href=\"https://github.com/segevfiner\"\u003e\u003ccode\u003e@​segevfiner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProperly handle goaway events with no additional data attached (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2611\"\u003e#2611\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2609\"\u003e#2609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak caused by creating and closing multiple clients (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to not update name resolution after multiple failed connection attempts (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2602\"\u003e#2602\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude more information in most \u0026quot;No connection established\u0026quot; errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2598\"\u003e#2598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the \u003ccode\u003eindex\u003c/code\u003e tracer, and add more information to other trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2599\"\u003e#2599\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a type inconsistency in \u003ccode\u003eserver-call.ts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2589\"\u003e#2589\u003c/a\u003e contributed by \u003ca href=\"https://github.com/rsnullptr\"\u003e\u003ccode\u003e@​rsnullptr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClose ports if the server is shut down while the bind operation is ongoing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2590\"\u003e#2590\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2586\"\u003e#2586\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake a few improvements to DNS resolving timing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2571\"\u003e#2571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eExperimental changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003egrpc.experimental.BackoffTimeout#getEndTime\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle error when sending keepalive pings (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2563\"\u003e#2563\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650\"\u003e\u003ccode\u003e08b0422\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/c75e04894829ff5c0eac83a3eea96724ec7cd118\"\u003e\u003ccode\u003ec75e048\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.9.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d5d62b4d94acf05d4335122efa9e36b07955eb2d\"\u003e\u003ccode\u003ed5d62b4\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/02d034489a923f7f9cb15d4720cc2c865b11ef12\"\u003e\u003ccode\u003e02d0344\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2741\"\u003e#2741\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/cf14020643472af7ec56c3591c73f91d74c4aa73\"\u003e\u003ccode\u003ecf14020\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/da44229934a18519126f6993b6feed00c60ded0a\"\u003e\u003ccode\u003eda44229\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2738\"\u003e#2738\u003c/a\u003e from murgatroid99/backport-1.9-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5ae7c8c84518fa49ec639cd36051d65e50db5a6c\"\u003e\u003ccode\u003e5ae7c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2735\"\u003e#2735\u003c/a\u003e from murgatroid99/grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/eed21ba0bba8e8b1d8bc01001cfd0faf61bb9a75\"\u003e\u003ccode\u003eeed21ba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2714\"\u003e#2714\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/63763a40003b17e5e8f3f9c8d7f4aeb6592569f6\"\u003e\u003ccode\u003e63763a4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2712\"\u003e#2712\u003c/a\u003e from sergiitk/psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5be83dd878c5a2b857c38b113aabb3fad9bd376d\"\u003e\u003ccode\u003e5be83dd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e from murgatroid99/grpc-js_idle_timer_fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.21...@grpc/grpc-js@1.9.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 6.11.3 to 7.5.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eprotobufjs: v7.5.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4\"\u003e7.5.4\u003c/a\u003e (2025-08-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einvalid syntax in descriptor.proto (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2092\"\u003e#2092\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760\"\u003e5a3769a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.2...protobufjs-v7.5.3\"\u003e7.5.3\u003c/a\u003e (2025-05-28)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.9/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4\"\u003e7.5.4\u003c/a\u003e (2025-08-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einvalid syntax in descriptor.proto (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2092\"\u003e#2092\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760\"\u003e5a3769a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.2...protobufjs-v7.5.3\"\u003e7.5.3\u003c/a\u003e (2025-05-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edescriptor extensions handling post-editions (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2075\"\u003e#2075\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/6e255d4ad6982cc857f26e1731c2cedcf5796f68\"\u003e6e255d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.1...protobufjs-v7.5.2\"\u003e7.5.2\u003c/a\u003e (2025-05-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure that types are always resolved (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2068\"\u003e#2068\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/4b51cb2b8450b77f9f5de1c562e7fae93b19d040\"\u003e4b51cb2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.0...protobufjs-v7.5.1\"\u003e7.5.1\u003c/a\u003e (2025-05-08)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/2189e5beeca6a70e4c104dfdb9fb8200bc5f81fe\"\u003e\u003ccode\u003e2189e5b\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2174\"\u003e#2174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e\u003ccode\u003e75392ea\u003c/code\u003e\u003c/a\u003e fix: Backport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/v6.11.3...protobufjs-v7.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 6.0.5 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.2...v7.0.3\"\u003e7.0.3\u003c/a\u003e (2020-05-25)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edetect path key based on correct environment (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/133\"\u003e#133\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/159e7e9785e57451cba034ae51719f97135074ae\"\u003e159e7e9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2020-04-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix worker threads in Node \u0026gt;=11.10.0 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/132\"\u003e#132\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6c5b4f015814a6c4f6b33230dfd1a860aedc0aaf\"\u003e6c5b4f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2019-10-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/cfd49c9\"\u003ecfd49c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2019-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for Node.js \u0026lt; 8\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for versions below Node.js 8 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/125\"\u003e#125\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/16feb53\"\u003e16feb53\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href...\n\n_Description has been truncated_","html_url":"https://github.com/Sunny-64/NFT-marketplace/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sunny-64%2FNFT-marketplace/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4463358875","node_id":"PR_kwDOHeIors7cXkPV","number":3,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 42 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-17T11:49:18.000Z","updated_at":"2026-05-17T11:51:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":42,"packages":[{"name":"firebase","old_version":"9.9.0","new_version":"10.9.0","repository_url":"https://github.com/firebase/firebase-js-sdk"},{"name":"semver","old_version":"6.3.0","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/helpers","old_version":"7.18.2","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.18.4","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.11.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.20.0","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"ejs","old_version":"3.1.8","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.0","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"json5","old_version":"1.0.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"loader-utils","old_version":"2.0.2","new_version":"2.0.4","repository_url":"https://github.com/webpack/loader-utils"},{"name":"loader-utils","old_version":"3.2.0","new_version":"3.3.1","repository_url":"https://github.com/webpack/loader-utils"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.5","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.3.0","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.75.6","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tough-cookie","old_version":"4.0.0","new_version":"4.1.4","repository_url":"https://github.com/salesforce/tough-cookie"},{"name":"webpack","old_version":"5.73.0","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-dev-middleware","old_version":"5.3.3","new_version":"5.3.4","repository_url":"https://github.com/webpack/webpack-dev-middleware"},{"name":"ws","old_version":"8.7.0","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.8","new_version":"7.5.10","repository_url":"https://github.com/websockets/ws"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 34 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [firebase](https://github.com/firebase/firebase-js-sdk) | `9.9.0` | `10.9.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `7.8.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.18.2` | `7.29.2` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.18.4` | `7.29.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.11.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.1` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.0` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `2.0.2` | `2.0.4` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `3.2.0` | `3.3.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.3.0` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.75.6` | `2.80.0` |\n| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` |\n| [webpack](https://github.com/webpack/webpack) | `5.73.0` | `5.106.2` |\n| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |\n| [ws](https://github.com/websockets/ws) | `8.7.0` | `8.20.1` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `firebase` from 9.9.0 to 10.9.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/1eb302f5af15ae4e975d1989e489e3b119665271\"\u003e\u003ccode\u003e1eb302f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8063\"\u003e#8063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b49886710ea2c49163f8840924abbc01ad729da2\"\u003e\u003ccode\u003eb498867\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/ce88e71e738ac7bb2cd5d63e4e314e2de82f72ef\"\u003e\u003ccode\u003ece88e71\u003c/code\u003e\u003c/a\u003e snapshot listeners source from cache (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/7982\"\u003e#7982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/6d487d7dee631498bed1aeccbb45d8f14ae911d1\"\u003e\u003ccode\u003e6d487d7\u003c/code\u003e\u003c/a\u003e Prevent using authTokenSyncURL if the string begins with a double slash (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8060\"\u003e#8060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b4d59d6659a1b6fb1d5a38c697668f2a2b4f030d\"\u003e\u003ccode\u003eb4d59d6\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/2b22838aa2c7ccec480b26c9702bbb98a0778250\"\u003e\u003ccode\u003e2b22838\u003c/code\u003e\u003c/a\u003e Fix glob pattern to work with Node 20 and its NPM version (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8059\"\u003e#8059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/feb5038e51bac1a4a90ef0bcc1db27770480fa48\"\u003e\u003ccode\u003efeb5038\u003c/code\u003e\u003c/a\u003e Update CI node.js versions to 20.x (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8055\"\u003e#8055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/245dd26e19b6c16aca7e1b7e597ed5784c2984ba\"\u003e\u003ccode\u003e245dd26\u003c/code\u003e\u003c/a\u003e Enforce authTokenSyncURL being a path and not a url. (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8056\"\u003e#8056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/e60188d47f59d00f7faf7ebb2c0d8e338014a0f8\"\u003e\u003ccode\u003ee60188d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8046\"\u003e#8046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/7e2efbf4e552d7e0534e49d1638af87aeb064545\"\u003e\u003ccode\u003e7e2efbf\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/firebase/firebase-js-sdk/compare/firebase@9.9.0...firebase@10.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 6.3.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v6.3.0...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.18.2 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.18.4 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.18.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.6.7 to 1.9.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could rarely cause connection leaks (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2644\"\u003e#2644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients to go IDLE incorrectly some time after calling \u003ccode\u003ewaitForReady\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause the Node process to close early when establishing a connection while a request is pending (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2626\"\u003e#2626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause connectivity state information to become stale in some circumstances (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2623\"\u003e#2623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2618\"\u003e#2618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide the correct port to the proxy when connecting to a target without an explicitly specified port (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2608\"\u003e#2608\u003c/a\u003e contributed by \u003ca href=\"https://github.com/segevfiner\"\u003e\u003ccode\u003e@​segevfiner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProperly handle goaway events with no additional data attached (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2611\"\u003e#2611\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2609\"\u003e#2609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak caused by creating and closing multiple clients (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to not update name resolution after multiple failed connection attempts (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2602\"\u003e#2602\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude more information in most \u0026quot;No connection established\u0026quot; errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2598\"\u003e#2598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the \u003ccode\u003eindex\u003c/code\u003e tracer, and add more information to other trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2599\"\u003e#2599\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a type inconsistency in \u003ccode\u003eserver-call.ts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2589\"\u003e#2589\u003c/a\u003e contributed by \u003ca href=\"https://github.com/rsnullptr\"\u003e\u003ccode\u003e@​rsnullptr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClose ports if the server is shut down while the bind operation is ongoing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2590\"\u003e#2590\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2586\"\u003e#2586\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake a few improvements to DNS resolving timing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2571\"\u003e#2571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eExperimental changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003egrpc.experimental.BackoffTimeout#getEndTime\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle error when sending keepalive pings (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2563\"\u003e#2563\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650\"\u003e\u003ccode\u003e08b0422\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/c75e04894829ff5c0eac83a3eea96724ec7cd118\"\u003e\u003ccode\u003ec75e048\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.9.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d5d62b4d94acf05d4335122efa9e36b07955eb2d\"\u003e\u003ccode\u003ed5d62b4\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/02d034489a923f7f9cb15d4720cc2c865b11ef12\"\u003e\u003ccode\u003e02d0344\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2741\"\u003e#2741\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/cf14020643472af7ec56c3591c73f91d74c4aa73\"\u003e\u003ccode\u003ecf14020\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/da44229934a18519126f6993b6feed00c60ded0a\"\u003e\u003ccode\u003eda44229\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2738\"\u003e#2738\u003c/a\u003e from murgatroid99/backport-1.9-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5ae7c8c84518fa49ec639cd36051d65e50db5a6c\"\u003e\u003ccode\u003e5ae7c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-n...\n\n_Description has been truncated_","html_url":"https://github.com/LautaroDerose/DeroseEcommerceCoderhouse/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LautaroDerose%2FDeroseEcommerceCoderhouse/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4462141744","node_id":"PR_kwDOEzH_b87cUAqS","number":2242,"state":"closed","title":"Bump the npm_and_yarn group across 16 directories with 27 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T05:09:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T03:24:44.000Z","updated_at":"2026-05-22T05:09:55.000Z","time_to_close":438301,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":27,"packages":[{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"body-parser","old_version":"1.20.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"esbuild","old_version":"0.18.20","new_version":"0.25.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"@babel/runtime","old_version":"7.22.15","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.7","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the /samples/app-auth/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.22.15` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/app-checkin-location/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 18 updates in the /samples/app-complete-auth/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [axios](https://github.com/axios/axios) | `1.6.7` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/app-installation-using-qr-code/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 12 updates in the /samples/app-link-unfurling-in-share-to-teams/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.20.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 11 updates in the /samples/bot-file-upload/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.15.2` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-join-team-using-qr-code/nodejs directory: [axios](https://github.com/axios/axios) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 17 updates in the /samples/bot-request-approval/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-sharepoint-file-viewer/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-type-ahead-search-adaptive-cards/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 13 updates in the /samples/meetings-notification/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/msgext-message-reminder/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/msgext-search-sso-config/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.13.2` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.9.6` | `6.15.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 11 updates in the /samples/msgext-search/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.15.2` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/tab-stage-view/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.14.8` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/ex...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2242","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2242","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2242/packages"},{"uuid":"4460015898","node_id":"PR_kwDODgBikc7cNuvB","number":747,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","size/XS","stale","javascript"],"assignees":["aravindvnair99"],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T13:27:21.000Z","updated_at":"2026-05-31T03:03:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"axios","old_version":"0.25.0","new_version":"0.31.1","repository_url":"https://github.com/axios/axios"},{"name":"ejs","old_version":"3.1.7","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"semver","old_version":"5.7.1","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/traverse","old_version":"7.20.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@grpc/grpc-js","old_version":"1.7.3","new_version":"1.8.22","repository_url":"https://github.com/grpc/grpc-node"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"body-parser","old_version":"1.20.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"minimatch","old_version":"3.1.2","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"jose","old_version":"2.0.6","new_version":"2.0.7","repository_url":"https://github.com/panva/jose"},{"name":"json5","old_version":"2.2.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"jsonwebtoken","old_version":"8.5.1","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 18 updates in the /functions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.25.0` | `0.31.1` |\n| [ejs](https://github.com/mde/ejs) | `3.1.7` | `3.1.10` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `7.8.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.20.5` | `7.29.0` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.7.3` | `1.8.22` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [jose](https://github.com/panva/jose) | `2.0.6` | `2.0.7` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `axios` from 0.25.0 to 0.31.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection \u0026amp; Proxy Bypass:\u003c/strong\u003e Backports v1 security hardening — sanitizes outgoing header values to strip invalid bytes, CRLF sequences, and boundary whitespace (including array values); adds proper \u003ccode\u003eNO_PROXY\u003c/code\u003e/\u003ccode\u003eno_proxy\u003c/code\u003e enforcement covering wildcards, explicit ports, loopback aliases (\u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, \u003ccode\u003e::1\u003c/code\u003e), bracketed IPv6, and trailing-dot hostnames. Proxy bypass is now checked before the proxy URL is parsed, and \u003ccode\u003eparsed.host\u003c/code\u003e is used for correct port and IPv6 handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e SHA-pins all actions and disables credential persistence in v0.x CI, introduces \u003ccode\u003ezizmor\u003c/code\u003e security scanning with SARIF upload to code scanning, adds an OIDC Trusted Publishing workflow with npm provenance attestations, and gates all publishes behind a required \u003ccode\u003enpm-publish\u003c/code\u003e GitHub Environment with configurable reviewer protections. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTypeScript — \u003ccode\u003eAxiosInstance\u003c/code\u003e Return Types:\u003c/strong\u003e Fixes return types in \u003ccode\u003eAxiosInstance\u003c/code\u003e methods to correctly resolve to \u003ccode\u003ePromise\u0026lt;R\u0026gt;\u003c/code\u003e (matching \u003ccode\u003eAxiosPromise\u0026lt;T\u0026gt;\u003c/code\u003e semantics), and corrects the generic call signature so TypeScript properly enforces the response data type. TypeScript-only changes; no runtime impact. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePerformance:\u003c/strong\u003e Fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e that caused excessive computation when the argument was a large string. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVersioning \u0026amp; CI Workflow:\u003c/strong\u003e Adds an automated versioning flow for v0.x, renames the CI workflow for consistency with the v1.x naming convention, and corrects the branch name reference in CI config. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nakataki17\"\u003e\u003ccode\u003e@​nakataki17\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/gmasclet\"\u003e\u003ccode\u003e@​gmasclet\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/shaanmajid\"\u003e\u003ccode\u003e@​shaanmajid\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ivan-churakov\"\u003e\u003ccode\u003e@​ivan-churakov\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v0.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5073eca0edd37b13a0e39dcb48794d779b7dff8d\"\u003e\u003ccode\u003e5073eca\u003c/code\u003e\u003c/a\u003e chore: release v0.31.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10697\"\u003e#10697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b57eb1a93214c9d6840035add0cc705fa9d6d697\"\u003e\u003ccode\u003eb57eb1a\u003c/code\u003e\u003c/a\u003e ci: update branch name (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.25.0...v0.31.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.7 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.7...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 5.7.1 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v5.7.1...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.20.5 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.7.3 to 1.8.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.8.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix propagation of UNIMPLEMENTED error messages (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2528\"\u003e#2528\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when the channel option \u003ccode\u003egrpc.keepalive_permit_without_calls\u003c/code\u003e is set (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate keepalive behavior to more correctly handle short calls and long periods of inactivity (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2513\"\u003e#2513\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reporting of call stacks in unary request errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2503\"\u003e#2503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix reporting of proxy info in channelz socket responses (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2503\"\u003e#2503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisallow \u003ccode\u003epick_first\u003c/code\u003e LB policy as the direct child of an \u003ccode\u003eoutlier_detection\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2476\"\u003e#2476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix missing \u003ccode\u003etransport\u003c/code\u003e trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2470\"\u003e#2470\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak that could result from a specific pattern of recursive function calls (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e and \u003ccode\u003eerror\u003c/code\u003e events are consistently emitted asynchronously (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix sequencing of some events related to connectivity state changes (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2421\"\u003e#2421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix memory leak in channelz socket tracking (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2394\"\u003e#2394\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.8.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix an occasional type error when receiving DNS updates (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2380\"\u003e#2380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix ordering of events when handing requests on the server (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2376\"\u003e#2376\u003c/a\u003e contributed by \u003ca href=\"https://github.com/phoenix741\"\u003e\u003ccode\u003e@​phoenix741\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid accumulating placeholder objects when sending many messages on a long-running stream (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2372\"\u003e#2372\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix bugs in \u0026quot;pick first\u0026quot; load balancing policy that caused incorrect reconnection behavior (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2369\"\u003e#2369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug where clients would continue to send pings at the original configured rate after receiving a backoff request from the server (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2363\"\u003e#2363\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprogress\u003c/code\u003e field in returned status object (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2350\"\u003e#2350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport \u003ccode\u003eInterceptingListener\u003c/code\u003e and \u003ccode\u003eNextCall\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2351\"\u003e#2351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause a crash when sending messages that exceed the outgoing message buffer size while a retry is in progress (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2349\"\u003e#2349\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb\"\u003e\u003ccode\u003ea8a0203\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/3b110cddfe4c895d6f642092b99a6667cef5ae00\"\u003e\u003ccode\u003e3b110cd\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.8.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/8e622220c8af437687927d25aeb3f340447aed43\"\u003e\u003ccode\u003e8e62222\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/9d8394738f0db40582ff3866e1c868109446122c\"\u003e\u003ccode\u003e9d83947\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2742\"\u003e#2742\u003c/a\u003e from sergiitk/backport-1.8-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/00f348c4861ab87aa3c18935a07babd0715227a6\"\u003e\u003ccode\u003e00f348c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/36d105b1953b10ecd6b9119f37ebcb03f7ab030e\"\u003e\u003ccode\u003e36d105b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2737\"\u003e#2737\u003c/a\u003e from murgatroid99/backport-1.8-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/969e30502767f3d7036b975efbffcc97b1fff40d\"\u003e\u003ccode\u003e969e305\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2735\"\u003e#2735\u003c/a\u003e from murgatroid99/grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d78216f28378a2cec9914ba23470d04ce735a821\"\u003e\u003ccode\u003ed78216f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2715\"\u003e#2715\u003c/a\u003e from sergiitk/backport-1.8-psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/f38966aab5cd7b4c94cb6f3e6a518375f11f5e52\"\u003e\u003ccode\u003ef38966a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2712\"\u003e#2712\u003c/a\u003e from sergiitk/psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ffefff2570d56f59ac701e4204afcb987870c2ec\"\u003e\u003ccode\u003effefff2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2640\"\u003e#2640\u003c/a\u003e from XuanWang-Amos/backport-1.8-psm-interop-shared-b...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.7.3...@grpc/grpc-js@1.8.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce336...\n\n_Description has been truncated_","html_url":"https://github.com/aravindvnair99/Spot-the-Hole/pull/747","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aravindvnair99%2FSpot-the-Hole/issues/747","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/747/packages"},{"uuid":"4444534534","node_id":"PR_kwDOEzH_b87bckQr","number":2132,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-15T01:09:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T08:49:09.000Z","updated_at":"2026-05-15T01:09:57.000Z","time_to_close":58846,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"body-parser","old_version":"1.19.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"esbuild","old_version":"0.18.13","new_version":"0.25.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"jsonwebtoken","old_version":"8.5.1","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"semver","old_version":"7.3.5","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"semver","old_version":"6.3.0","new_version":"6.3.1","repository_url":"https://github.com/npm/node-semver"},{"name":"semver","old_version":"5.7.1","new_version":"5.7.2","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/runtime","old_version":"7.12.13","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"minimist","old_version":"1.2.5","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"node-fetch","old_version":"2.6.1","new_version":"2.7.0","repository_url":"https://github.com/node-fetch/node-fetch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/tab-stage-view/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.14.8` | `7.29.2` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `body-parser` from 1.19.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.1...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.6 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.18.13 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis release deliberately contains backwards-incompatible changes.\u003c/strong\u003e To avoid automatically picking up releases like this, you should either be pinning the exact version of \u003ccode\u003eesbuild\u003c/code\u003e in your \u003ccode\u003epackage.json\u003c/code\u003e file (recommended) or be using a version range syntax that only accepts patch upgrades such as \u003ccode\u003e^0.24.0\u003c/code\u003e or \u003ccode\u003e~0.24.0\u003c/code\u003e. See npm's documentation about \u003ca href=\"https://docs.npmjs.com/cli/v6/using-npm/semver/\"\u003esemver\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRestrict access to esbuild's development server (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99\"\u003eGHSA-67mh-4wv8-2f99\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis change addresses esbuild's first security vulnerability report. Previously esbuild set the \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header to \u003ccode\u003e*\u003c/code\u003e to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in \u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99\"\u003ethe report\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eStarting with this release, \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS\"\u003eCORS\u003c/a\u003e will now be disabled, and requests will now be denied if the host does not match the one provided to \u003ccode\u003e--serve=\u003c/code\u003e. The default host is \u003ccode\u003e0.0.0.0\u003c/code\u003e, which refers to all of the IP addresses that represent the local machine (e.g. both \u003ccode\u003e127.0.0.1\u003c/code\u003e and \u003ccode\u003e192.168.0.1\u003c/code\u003e). If you want to customize anything about esbuild's development server, you can \u003ca href=\"https://esbuild.github.io/api/#serve-proxy\"\u003eput a proxy in front of esbuild\u003c/a\u003e and modify the incoming and/or outgoing requests.\u003c/p\u003e\n\u003cp\u003eIn addition, the \u003ccode\u003eserve()\u003c/code\u003e API call has been changed to return an array of \u003ccode\u003ehosts\u003c/code\u003e instead of a single \u003ccode\u003ehost\u003c/code\u003e string. This makes it possible to determine all of the hosts that esbuild's development server will accept.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDelete output files when a build fails in watch mode (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3643\"\u003e#3643\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIt has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix correctness issues with the CSS nesting transform (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3620\"\u003e#3620\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3877\"\u003e#3877\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3933\"\u003e#3933\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3997\"\u003e#3997\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4005\"\u003e#4005\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4037\"\u003e#4037\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4038\"\u003e#4038\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes the following problems:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNaive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using \u003ccode\u003e:is()\u003c/code\u003e to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\r\n.parent {\r\n  \u0026gt; .a,\r\n  \u0026gt; .b1 \u0026gt; .b2 {\r\n    color: red;\r\n  }\r\n}\r\n\u003cp\u003e/* Old output (with --supported:nesting=false) */\u003cbr /\u003e\n.parent \u0026gt; :is(.a, .b1 \u0026gt; .b2) {\u003cbr /\u003e\ncolor: red;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --supported:nesting=false) */\u003cbr /\u003e\n.parent \u0026gt; .a,\u003cbr /\u003e\n.parent \u0026gt; .b1 \u0026gt; .b2 {\u003cbr /\u003e\ncolor: red;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/tim-we\"\u003e\u003ccode\u003e@​tim-we\u003c/code\u003e\u003c/a\u003e for working on a fix.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003e\u0026amp;\u003c/code\u003e CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered \u003ccode\u003e\u0026amp;\u0026amp;\u003c/code\u003e to have the same specificity as \u003ccode\u003e\u0026amp;\u003c/code\u003e. With this release, this should now work correctly:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code (color should be red) */\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2023.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2023\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2023 (versions 0.16.13 through 0.19.11).\u003c/p\u003e\n\u003ch2\u003e0.19.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix TypeScript-specific class transform edge case (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3559\"\u003e#3559\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced an optimization that avoided transforming \u003ccode\u003esuper()\u003c/code\u003e in the class constructor for TypeScript code compiled with \u003ccode\u003euseDefineForClassFields\u003c/code\u003e set to \u003ccode\u003efalse\u003c/code\u003e if all class instance fields have no initializers. The rationale was that in this case, all class instance fields are omitted in the output so no changes to the constructor are needed. However, if all of this is the case \u003cem\u003eand\u003c/em\u003e there are \u003ccode\u003e#private\u003c/code\u003e instance fields with initializers, those private instance field initializers were still being moved into the constructor. This was problematic because they were being inserted before the call to \u003ccode\u003esuper()\u003c/code\u003e (since \u003ccode\u003esuper()\u003c/code\u003e is now no longer transformed in that case). This release introduces an additional optimization that avoids moving the private instance field initializers into the constructor in this edge case, which generates smaller code, matches the TypeScript compiler's output more closely, and avoids this bug:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e// Original code\nclass Foo extends Bar {\n  #private = 1;\n  public: any;\n  constructor() {\n    super();\n  }\n}\n\u003cp\u003e// Old output (with esbuild v0.19.9)\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nsuper();\u003cbr /\u003e\nthis.#private = 1;\u003cbr /\u003e\n}\u003cbr /\u003e\n#private;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Old output (with esbuild v0.19.10)\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nthis.#private = 1;\u003cbr /\u003e\nsuper();\u003cbr /\u003e\n}\u003cbr /\u003e\n#private;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// New output\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\n#private = 1;\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nsuper();\u003cbr /\u003e\n}\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMinifier: allow reording a primitive past a side-effect (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3568\"\u003e#3568\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe minifier previously allowed reordering a side-effect past a primitive, but didn't handle the case of reordering a primitive past a side-effect. This additional case is now handled:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e9174d671b1882758cd32ac5e146200f5bee3e45\"\u003e\u003ccode\u003ee9174d6\u003c/code\u003e\u003c/a\u003e publish 0.25.0 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/c27dbebb9e7a55dd9a084dd151dddd840787490e\"\u003e\u003ccode\u003ec27dbeb\u003c/code\u003e\u003c/a\u003e fix \u003ccode\u003ehosts\u003c/code\u003e in \u003ccode\u003eplugin-tests.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6794f602a453cf0255bcae245871de120a89a559\"\u003e\u003ccode\u003e6794f60\u003c/code\u003e\u003c/a\u003e fix \u003ccode\u003ehosts\u003c/code\u003e in \u003ccode\u003enode-unref-tests.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d\"\u003e\u003ccode\u003ede85afd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/da1de1bf77a65f06654b49878d9ec4747ddaa21f\"\u003e\u003ccode\u003eda1de1b\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4065\"\u003e#4065\u003c/a\u003e: bitwise operators can return bigints\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f4e9d19fb20095a98bf40634f0380f6a16be91e7\"\u003e\u003ccode\u003ef4e9d19\u003c/code\u003e\u003c/a\u003e switch case liveness: \u003ccode\u003edefault\u003c/code\u003e is always last\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/7aa47c3e778ea04849f97f18dd9959df88fa0886\"\u003e\u003ccode\u003e7aa47c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4028\"\u003e#4028\u003c/a\u003e: minify live/dead \u003ccode\u003eswitch\u003c/code\u003e cases better\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/22ecd306190b8971ec4474b5485266c20350e266\"\u003e\u003ccode\u003e22ecd30\u003c/code\u003e\u003c/a\u003e minify: more constant folding for strict equality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4cdf03c03697128044fa8fb76e5c478e9765b353\"\u003e\u003ccode\u003e4cdf03c\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4053\"\u003e#4053\u003c/a\u003e: reordering of \u003ccode\u003e.tsx\u003c/code\u003e in \u003ccode\u003enode_modules\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/dc719775b7140120916bd9e6777ca1cb8a1cdc0e\"\u003e\u003ccode\u003edc71977\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3692\"\u003e#3692\u003c/a\u003e: \u003ccode\u003e0\u003c/code\u003e now picks a random ephemeral port\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.18.13...v0.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonwebtoken` from 8.5.1 to 9.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md\"\u003ejsonwebtoken's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.3 - 2025-12-04\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupdates jws version to 4.0.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.2 - 2023-08-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: updating semver to 7.5.4 to resolve CVE-2022-25883, closes \u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/921\"\u003e#921\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003erefactor: reduce library size by using lodash specific dependencies, closes \u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/878\"\u003e#878\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.1 - 2023-07-05\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(stubs): allow decode method to be stubbed\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.0 - 2022-12-21\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes: See \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/wiki/Migration-Notes:-v8-to-v9\"\u003eMigration from v8 to v9\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved support for Node versions 11 and below.\u003c/li\u003e\n\u003cli\u003eThe verify() function no longer accepts unsigned tokens by default. ([834503079514b72264fd13023a3b8d648afd6a16]\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/834503079514b72264fd13023a3b8d648afd6a16\"\u003ehttps://github.com/auth0/node-jsonwebtoken/commit/834503079514b72264fd13023a3b8d648afd6a16\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRSA key size must be 2048 bits or greater. ([ecdf6cc6073ea13a7e71df5fad043550f08d0fa6]\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\"\u003ehttps://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKey types must be valid for the signing / verification algorithm\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eArbitrary File Write via verify function\u003c/code\u003e - CVE-2022-23529\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eInsecure default algorithm in jwt.verify() could lead to signature validation bypass\u003c/code\u003e - CVE-2022-23540\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eInsecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC\u003c/code\u003e - CVE-2022-23541\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eUnrestricted key type could lead to legacy keys usage\u003c/code\u003e - CVE-2022-23539\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ed59e76ea37a80f54b833668c02a5271984dcba3\"\u003e\u003ccode\u003eed59e76\u003c/code\u003e\u003c/a\u003e chore: bump jws to 4.0.1 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/bc28861f1fa981ed9c009e29c044a19760a0b128\"\u003e\u003ccode\u003ebc28861\u003c/code\u003e\u003c/a\u003e Release 9.0.2  (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/96b89060cfc19272a7d853f53cb28c42580a6a67\"\u003e\u003ccode\u003e96b8906\u003c/code\u003e\u003c/a\u003e refactor: use specific lodash packages (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ed35062239c0195d4341025d4699cc39608b435e\"\u003e\u003ccode\u003eed35062\u003c/code\u003e\u003c/a\u003e security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/84539b29e17fd40ed25c53fc28db8ae41a34aff8\"\u003e\u003ccode\u003e84539b2\u003c/code\u003e\u003c/a\u003e Updating package version to 9.0.1 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/920\"\u003e#920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/a99fd4b473e257c2f50ff69c716db1c520bf9a78\"\u003e\u003ccode\u003ea99fd4b\u003c/code\u003e\u003c/a\u003e fix(stubs): allow decode method to be stubbed (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/876\"\u003e#876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3\"\u003e\u003ccode\u003ee1fa9dc\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-8cf7-32gw-wr33\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/5eaedbf2b01676d952336e73b4d2efba847d2d1b\"\u003e\u003ccode\u003e5eaedbf\u003c/code\u003e\u003c/a\u003e chore(ci): remove github test actions job (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/861\"\u003e#861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/cd4163eb1407aab0b3148f91b0b9c26276b96c6b\"\u003e\u003ccode\u003ecd4163e\u003c/code\u003e\u003c/a\u003e chore(ci): configure Github Actions jobs for Tests \u0026amp; Security Scanning (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/856\"\u003e#856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\"\u003e\u003ccode\u003eecdf6cc\u003c/code\u003e\u003c/a\u003e fix!: Prevent accidental use of insecure key sizes \u0026amp; misconfiguration of secr...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/compare/v8.5.1...v9.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~julien.wollscheid\"\u003ejulien.wollscheid\u003c/a\u003e, a new releaser for jsonwebtoken since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 7.3.5 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pu...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2132","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2132","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2132/packages"}],"issue_packages":[{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-06-10T00:59:51.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4626910441","node_id":"PR_kwDOBwapYs7koKE_","number":8855,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 34 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T00:59:51.000Z","updated_at":"2026-06-10T01:06:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":34,"packages":[{"name":"@apollo/gateway","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@apollo/subgraph","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@confluentinc/kafka-javascript","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/confluentinc/confluent-kafka-javascript"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.7","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@electron/packager","old_version":"20.0.0","new_version":"20.0.1","repository_url":"https://github.com/electron/packager"},{"name":"@google-cloud/pubsub","old_version":"5.3.0","new_version":"5.3.1","repository_url":"https://github.com/googleapis/google-cloud-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@koa/router","old_version":"15.5.0","new_version":"15.6.0","repository_url":"https://github.com/koajs/router"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.2","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"axios","old_version":"1.16.1","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.3","repository_url":"https://github.com/electron/electron"},{"name":"graphql","old_version":"16.14.0","new_version":"16.14.1","repository_url":"https://github.com/graphql/graphql-js"},{"name":"graphql-yoga","old_version":"5.21.0","new_version":"5.21.1","repository_url":"https://github.com/graphql-hive/graphql-yoga"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"next","old_version":"16.2.6","new_version":"16.2.7","repository_url":"https://github.com/vercel/next.js"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"oracledb","old_version":"6.10.0","new_version":"7.0.0","repository_url":"https://github.com/oracle/node-oracledb"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.5.2","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.6.1","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"undici","old_version":"8.3.0","new_version":"8.4.0","repository_url":"https://github.com/nodejs/undici"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 34 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@apollo/gateway](https://github.com/apollographql/federation/tree/HEAD/gateway-js) | `2.14.0` | `2.14.1` |\n| [@apollo/subgraph](https://github.com/apollographql/federation/tree/HEAD/subgraph-js) | `2.14.0` | `2.14.1` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@confluentinc/kafka-javascript](https://github.com/confluentinc/confluent-kafka-javascript) | `1.9.0` | `1.9.1` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.7` |\n| [@electron/packager](https://github.com/electron/packager) | `20.0.0` | `20.0.1` |\n| [@google-cloud/pubsub](https://github.com/googleapis/google-cloud-node/tree/HEAD/handwritten/pubsub) | `5.3.0` | `5.3.1` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@koa/router](https://github.com/koajs/router) | `15.5.0` | `15.6.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.2` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.78.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.3` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.14.0` | `16.14.1` |\n| [graphql-yoga](https://github.com/graphql-hive/graphql-yoga/tree/HEAD/packages/graphql-yoga) | `5.21.0` | `5.21.1` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [oracledb](https://github.com/oracle/node-oracledb) | `6.10.0` | `7.0.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.5.2` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.6.1` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [undici](https://github.com/nodejs/undici) | `8.3.0` | `8.4.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@apollo/gateway` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/gateway's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/gateway\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/gateway-js/CHANGELOG.md\"\u003e@​apollo/gateway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/cdc1810d1b9ec8cab06c1a38ca1ba8c019abd316\"\u003e\u003ccode\u003ecdc1810\u003c/code\u003e\u003c/a\u003e Update gateway tracing name to match ingestion side expectations (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3446\"\u003e#3446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/d9c721c5a93220c59970beb5750ef86044b52a10\"\u003e\u003ccode\u003ed9c721c\u003c/code\u003e\u003c/a\u003e Pass scope version as a separate argument in telemetry instantiation (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3439\"\u003e#3439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/gateway@2.14.1/gateway-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/subgraph` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/subgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/subgraph\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/subgraph-js/CHANGELOG.md\"\u003e@​apollo/subgraph's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/subgraph-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/subgraph@2.14.1/subgraph-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@confluentinc/kafka-javascript` from 1.9.0 to 1.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/releases\"\u003e@​confluentinc/kafka-javascript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003ev1.9.1-rc1 is a maintenance release candidate. It is not supported.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2-RC3. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2-RC3\"\u003elibrdkafka v2.14.2-RC3 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returns undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/blob/master/CHANGELOG.md\"\u003e@​confluentinc/kafka-javascript's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003econfluent-kafka-javascript 1.9.1\u003c/h1\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/cf4cf8fff87d9e62e50ba341ec4edc8c34d6704f\"\u003e\u003ccode\u003ecf4cf8f\u003c/code\u003e\u003c/a\u003e v1.9.1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/494\"\u003e#494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/1c06ed05847d5e60b9b3e323a688edab857e4946\"\u003e\u003ccode\u003e1c06ed0\u003c/code\u003e\u003c/a\u003e v1.9.1-rc1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/493\"\u003e#493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/eacb098cc1b45bcfa8040fc94ee9d1d7fcb3fb31\"\u003e\u003ccode\u003eeacb098\u003c/code\u003e\u003c/a\u003e [fix] pass string as first arg to user logger on error events (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/9357d60067604e9fc581f0eba90183a00c2c0ff5\"\u003e\u003ccode\u003e9357d60\u003c/code\u003e\u003c/a\u003e NONJAVACLI-4353: bump axios and pin transitive deps for CVE fixes (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/ce56a23219c03893b5efe6c8054ef4a7d72eecbe\"\u003e\u003ccode\u003ece56a23\u003c/code\u003e\u003c/a\u003e Resolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/59e32516fc5ad585ca6fd03fff0d9fd92a5665d8\"\u003e\u003ccode\u003e59e3251\u003c/code\u003e\u003c/a\u003e fix(package.json): correct broken \u0026quot;types\u0026quot; path (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/f92eace3bb1d631f0779b94875f82b85de82d4a6\"\u003e\u003ccode\u003ef92eace\u003c/code\u003e\u003c/a\u003e [Typescript] Fix \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type from \u003ccode\u003e|| undefined\u003c/code\u003e to `|...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/2e82d006febcca3fb73be53d3ae9ed6d81abe733\"\u003e\u003ccode\u003e2e82d00\u003c/code\u003e\u003c/a\u003e Fix the typescript return type for admin.describeGroups() per \u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/488\"\u003e#488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/685bdb2f125e33f9349af00596c878b05e69e693\"\u003e\u003ccode\u003e685bdb2\u003c/code\u003e\u003c/a\u003e Correct the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/486\"\u003e#486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/6ef5fd264bafd7dcbb7247f045fb7d86547e4055\"\u003e\u003ccode\u003e6ef5fd2\u003c/code\u003e\u003c/a\u003e DGS-24227 Preserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/compare/v1.9.0...v1.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.7\u003c/h2\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emark timed-out nodes dead when retryOnTimeout is false by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/382\"\u003eelastic/elastic-transport-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/65a258563e0cd7d1f4c8aff6f66ba60ef0b8dad3\"\u003e\u003ccode\u003e65a2585\u003c/code\u003e\u003c/a\u003e fix: mark timed-out nodes dead when retryOnTimeout is false (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/68389bab3b4e0388f62dd1226f86c259bc88e059\"\u003e\u003ccode\u003e68389ba\u003c/code\u003e\u003c/a\u003e chore(deps): pin actions/github-script action to f28e40c (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a657bd6e4a1dc95242a228f1eece39cf9d34e08c\"\u003e\u003ccode\u003ea657bd6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to 8530f76 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/668d8050d7fb83d381a352f08fbfd572f014dcae\"\u003e\u003ccode\u003e668d805\u003c/code\u003e\u003c/a\u003e ci: add AI backport resolver (gh-aw prompt + issue_comment trigger) (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/4fe6d59752f56ce7dd0e02514c108a0f299b8e02\"\u003e\u003ccode\u003e4fe6d59\u003c/code\u003e\u003c/a\u003e ci: point to clients-team-automations instead of devtools (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/eaca5eb8c049ef3b1e73f0205e89ca3d2c4bdcd0\"\u003e\u003ccode\u003eeaca5eb\u003c/code\u003e\u003c/a\u003e fix: remove non-ASCII characters causing workflow parse failure (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/375\"\u003e#375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/ca6bf3fe78a469016fa3b135734822488e697bd5\"\u003e\u003ccode\u003eca6bf3f\u003c/code\u003e\u003c/a\u003e ci: replace thin caller with full AI backport resolver workflow (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@electron/packager` from 20.0.0 to 20.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/packager/releases\"\u003e@​electron/packager's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003e20.0.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eswap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e) (\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e0ff6c2a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e\u003ccode\u003e0ff6c2a\u003c/code\u003e\u003c/a\u003e fix: swap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0076a3658e19470f836dae4fd5accbf7dff896a9\"\u003e\u003ccode\u003e0076a36\u003c/code\u003e\u003c/a\u003e chore: bump vitest from 3.2.4 to 4.1.0 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0413a0907368e68530c027c18cb62e3bcfc81f3\"\u003e\u003ccode\u003eb0413a0\u003c/code\u003e\u003c/a\u003e chore: bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1915\"\u003e#1915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/eed530c1afba2ede9e9f356ec2001668f35adbe6\"\u003e\u003ccode\u003eeed530c\u003c/code\u003e\u003c/a\u003e ci: add a GitHub Actions Completed job (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1914\"\u003e#1914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0eb94de5be7cd96780d948e91374d916fa723bf\"\u003e\u003ccode\u003eb0eb94d\u003c/code\u003e\u003c/a\u003e build(dev-deps): drop tsx (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1908\"\u003e#1908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/56f519fb32d478896996e80177dc85e5d7a6489f\"\u003e\u003ccode\u003e56f519f\u003c/code\u003e\u003c/a\u003e build: remove parse-author dependency (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1912\"\u003e#1912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/23cb235c1ea8fead4597664cd62bdfdeccb73c9f\"\u003e\u003ccode\u003e23cb235\u003c/code\u003e\u003c/a\u003e chore: bump ip-address from 10.0.1 to 10.1.1 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1913\"\u003e#1913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/feb3114f21d96f3424fed6fc0e0199fb81bba2c0\"\u003e\u003ccode\u003efeb3114\u003c/code\u003e\u003c/a\u003e chore: bump the non-major-version-updates group with 4 updates (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1911\"\u003e#1911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/555715325a2d9ac31f8759ce77fdbdda15bb8d4d\"\u003e\u003ccode\u003e5557153\u003c/code\u003e\u003c/a\u003e chore: bump postcss from 8.5.6 to 8.5.10 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1910\"\u003e#1910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/d71c96bdecf90e18efb0236b0cd28dc1e6a37ba8\"\u003e\u003ccode\u003ed71c96b\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1909\"\u003e#1909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@google-cloud/pubsub` from 5.3.0 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/releases\"\u003e@​google-cloud/pubsub's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epubsub: v5.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/blob/main/handwritten/pubsub/CHANGELOG.md\"\u003e@​google-cloud/pubsub's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/google-cloud-node/commits/dns-v5.3.1/handwritten/pubsub\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@koa/router` from 15.5.0 to 15.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/router/releases\"\u003e@​koa/router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: drop node v20 from ci pipeline  b5f9b6c\u003c/li\u003e\n\u003cli\u003echore: update *.md docs files  d586f45\u003c/li\u003e\n\u003cli\u003echore: add more tests + bump deps  7148fd1\u003c/li\u003e\n\u003cli\u003efix: hide internal rest param from prefixed middleware  99a6ae6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ehttps://github.com/koajs/router/compare/v15.5.0...v15.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/5b989fe0e37a4e1044287ba3fc935f5d0d623702\"\u003e\u003ccode\u003e5b989fe\u003c/code\u003e\u003c/a\u003e v15.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/b5f9b6cee1e9822074ff45c7abaf7aab1743dc3a\"\u003e\u003ccode\u003eb5f9b6c\u003c/code\u003e\u003c/a\u003e ci: drop node v20 from ci pipeline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/d586f450ee0e92dd71ab995adfb1a535bcf55fba\"\u003e\u003ccode\u003ed586f45\u003c/code\u003e\u003c/a\u003e chore: update *.md docs files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/7148fd1491ca9b116cdf52fa3446d235539137f8\"\u003e\u003ccode\u003e7148fd1\u003c/code\u003e\u003c/a\u003e chore: add more tests + bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/99a6ae6a259cc26b8227288a99303b7bc7f597a1\"\u003e\u003ccode\u003e99a6ae6\u003c/code\u003e\u003c/a\u003e fix: hide internal rest param from prefixed middleware\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8855","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8855","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8855/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-06-09T23:04:28.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4626326568","node_id":"PR_kwDOD5BUU87kmR3_","number":2749,"state":"closed","title":"chore(deps): bump the backend group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-16T23:04:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T23:04:28.000Z","updated_at":"2026-06-16T23:04:04.000Z","time_to_close":604774,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"backend","update_count":10,"packages":[{"name":"axios","old_version":"1.15.0","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"juice","old_version":"11.1.1","new_version":"12.1.0","repository_url":"https://github.com/Automattic/juice"},{"name":"mjml","old_version":"4.18.0","new_version":"5.3.0","repository_url":"https://github.com/mjmlio/mjml"},{"name":"pg","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"twilio","old_version":"5.13.1","new_version":"6.0.2","repository_url":"https://github.com/twilio/twilio-node"},{"name":"typeorm","old_version":"0.3.26","new_version":"1.0.0","repository_url":"https://github.com/typeorm/typeorm"},{"name":"typescript","old_version":"4.9.5","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"jest","old_version":"29.7.0","new_version":"30.4.2","repository_url":"https://github.com/jestjs/jest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the backend group with 10 updates in the /services/API-service directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.15.0` | `1.17.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [juice](https://github.com/Automattic/juice) | `11.1.1` | `12.1.0` |\n| [mjml](https://github.com/mjmlio/mjml/tree/HEAD/packages/mjml) | `4.18.0` | `5.3.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |\n| [twilio](https://github.com/twilio/twilio-node) | `5.13.1` | `6.0.2` |\n| [typeorm](https://github.com/typeorm/typeorm) | `0.3.26` | `1.0.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `4.9.5` | `6.0.3` |\n| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.4.2` |\n\n\nUpdates `axios` from 1.15.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10935\"\u003e#10935\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeveloper Workflow:\u003c/strong\u003e Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10925\"\u003e#10925\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10914\"\u003e#10914\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation and Policy:\u003c/strong\u003e Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10890\"\u003e#10890\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10889\"\u003e#10889\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10921\"\u003e#10921\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10945\"\u003e#10945\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10933\"\u003e#10933\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10915\"\u003e#10915\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10887\"\u003e#10887\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10955\"\u003e#10955\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, \u003ccode\u003efs-extra\u003c/code\u003e, \u003ccode\u003eqs\u003c/code\u003e, docs dependencies, and GitHub Actions dependencies including \u003ccode\u003eactions/dependency-review-action\u003c/code\u003e and \u003ccode\u003ezizmorcore/zizmor-action\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10871\"\u003e#10871\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10879\"\u003e#10879\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10918\"\u003e#10918\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10919\"\u003e#10919\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10934\"\u003e#10934\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10947\"\u003e#10947\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/BasixKOR\"\u003e\u003ccode\u003e@​BasixKOR\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/carladams1299-lab\"\u003e\u003ccode\u003e@​carladams1299-lab\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/LaplaceYoung\"\u003e\u003ccode\u003e@​LaplaceYoung\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/JamieMagee\"\u003e\u003ccode\u003e@​JamieMagee\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/RonGamzu\"\u003e\u003ccode\u003e@​RonGamzu\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10905\"\u003e#10905\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sapirbaruch\"\u003e\u003ccode\u003e@​sapirbaruch\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nezukoagent\"\u003e\u003ccode\u003e@​nezukoagent\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/devareddy05\"\u003e\u003ccode\u003e@​devareddy05\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Mohammad-Faiz-Cloud-Engineer\"\u003e\u003ccode\u003e@​Mohammad-Faiz-Cloud-Engineer\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/azandabot\"\u003e\u003ccode\u003e@​azandabot\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/niksy\"\u003e\u003ccode\u003e@​niksy\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.1...v1.17.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4306df21e84332fc576e98c2de549347c06bfb76\"\u003e\u003ccode\u003e4306df2\u003c/code\u003e\u003c/a\u003e chore: add fun 88 sponsorship\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/931cc8f0106db4c9885403f85364b9e09ae1f6dc\"\u003e\u003ccode\u003e931cc8f\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.17.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10983\"\u003e#10983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/38ba1b3d2b0aa5ada0463a37a548feb83a84dfa1\"\u003e\u003ccode\u003e38ba1b3\u003c/code\u003e\u003c/a\u003e fix(fetch): support basic auth from URL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/32e2515f1e09b649723e4acd89d920df13eee77e\"\u003e\u003ccode\u003e32e2515\u003c/code\u003e\u003c/a\u003e fix: replace ternary side effect in script (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/030e7223831b0f562af3eb7501b24242c8a4c5ba\"\u003e\u003ccode\u003e030e722\u003c/code\u003e\u003c/a\u003e chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10960\"\u003e#10960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ec63164ac6b7a1fcd6b742a8628d3fffe23ce001\"\u003e\u003ccode\u003eec63164\u003c/code\u003e\u003c/a\u003e chore: remove openspec (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10958\"\u003e#10958\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3dec28f94ce29d396d5f2d9718805b47428dc7ab\"\u003e\u003ccode\u003e3dec28f\u003c/code\u003e\u003c/a\u003e fix(http): preserve TLS options for proxy tunnels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a2390a5c059342bcac2a5297728181dd9939f562\"\u003e\u003ccode\u003ea2390a5\u003c/code\u003e\u003c/a\u003e fix: correct isCancel type to narrow to CanceledError\u0026lt;T\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fa01b9255d71e72599826428bc6c60f34994c6ce\"\u003e\u003ccode\u003efa01b92\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10954\"\u003e#10954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2d2314a1ac29ce6723eb53e130b4a36617fd201c\"\u003e\u003ccode\u003e2d2314a\u003c/code\u003e\u003c/a\u003e fix: AxiosHeaders \u003ccode\u003etoJSON()\u003c/code\u003e return types (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `date-fns` from 4.1.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/date-fns/date-fns/releases\"\u003edate-fns's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003cp\u003eThis release revisits the approach to CDN usage and introduces a new package, \u003ccode\u003e@date-fns/cdn\u003c/code\u003e and deprecates the \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts. It allowed reducing the zipped package size from \u003ccode\u003e5.83 MB\u003c/code\u003e down to \u003ccode\u003e3.96 MB\u003c/code\u003e without introducing any breaking changes.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003ev5.0.0-alpha.0\u003c/code\u003e where CDN scripts are completely removed from \u003ccode\u003edate-fns\u003c/code\u003e the change is more significant and brings the zipped package size down to \u003ccode\u003e2.89 MB\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIt is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eDEPRECATED\u003c/strong\u003e: The \u003ccode\u003edate-fns\u003c/code\u003e CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package for CDN usage.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved CDN source maps to reduce the package size. If you rely on them, please switch to the new \u003ccode\u003e@date-fns/cdn\u003c/code\u003e package that still includes them.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cp\u003eKudos to \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e for their contributions.\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFixed missing modularized optimization fallback (\u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003efor Next.js and others\u003c/a\u003e). See \u003ca href=\"https://x.com/kossnocorp/status/1731181274579325260\"\u003e#4193\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ept\u003c/code\u003e locale first day of week to be Sunday. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4195\"\u003e#4195\u003c/a\u003e by \u003ca href=\"https://github.com/ImRodry\"\u003e\u003ccode\u003e@​ImRodry\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ccode\u003ezh-CN\u003c/code\u003e, \u003ccode\u003ezh-HK\u003c/code\u003e, and \u003ccode\u003ezh-TW\u003c/code\u003e locale month parsing for October, November, and December. See \u003ca href=\"https://redirect.github.com/date-fns/date-fns/pull/4194\"\u003e#4194\u003c/a\u003e by \u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release in all senses, it only includes documentation updates (first of many) that points to the new \u003ca href=\"https://date-fns.org/you-dont-need-date-fns\"\u003eYou Don't Need date-fns*\u003c/a\u003e page.\u003c/p\u003e\n\u003cp\u003e* Not really\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Temporal API references to the JSDoc annotations of \u003ccode\u003eadd\u003c/code\u003e, \u003ccode\u003eaddBusinessDays\u003c/code\u003e, and \u003ccode\u003eaddDays\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/cd53d2538cfa318404eff7ade6449b49bf34562e\"\u003e\u003ccode\u003ecd53d25\u003c/code\u003e\u003c/a\u003e Promote to v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/d948ec151d395096de8a45fbcd9b1e79c26fda25\"\u003e\u003ccode\u003ed948ec1\u003c/code\u003e\u003c/a\u003e Preserve but deprecate CDN versions for v4, set up v5 with polyfills\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/ee65753cfc5d73cc9acd43aaa8012b3b233ddf32\"\u003e\u003ccode\u003eee65753\u003c/code\u003e\u003c/a\u003e Add root \u003ccode\u003emise :format\u003c/code\u003e task\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/9f5bdf5d5a944772aa9668c4fa6567d89ca01fa9\"\u003e\u003ccode\u003e9f5bdf5\u003c/code\u003e\u003c/a\u003e Add positional argument to \u003ccode\u003etest/smoke.sh\u003c/code\u003e script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/651ead6faf331515814803faf457f5b9db7c9729\"\u003e\u003ccode\u003e651ead6\u003c/code\u003e\u003c/a\u003e Split CDN bundles into separate \u003ccode\u003e@​date-fns/cdn\u003c/code\u003e package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/224c1a209967dad359a2c2adc9a5b0ef72e4fe7b\"\u003e\u003ccode\u003e224c1a2\u003c/code\u003e\u003c/a\u003e Deprecate type tests as attw hangs on date-fns package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/7bb2842dac3d579f84b2de62f015335fb3ac734a\"\u003e\u003ccode\u003e7bb2842\u003c/code\u003e\u003c/a\u003e Switch \u003ccode\u003ePACKAGE_OUTPUT_PATH\u003c/code\u003e to \u003ccode\u003e--dist\u003c/code\u003e flag in the package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/b6ad5acc5ab0b40777a2695ec074c2ffcd982763\"\u003e\u003ccode\u003eb6ad5ac\u003c/code\u003e\u003c/a\u003e Add flags to control package build script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/424a783de1fd974bcdbe907c9c5eb5154e9db29f\"\u003e\u003ccode\u003e424a783\u003c/code\u003e\u003c/a\u003e Fix docs release after moving to monorepo setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/date-fns/date-fns/commit/f95bcf18b53e6832b2c575c24c98654a24f52699\"\u003e\u003ccode\u003ef95bcf1\u003c/code\u003e\u003c/a\u003e (docs): Add missing \u003ccode\u003etsx\u003c/code\u003e dependency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/date-fns/date-fns/compare/v4.1.0...v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `juice` from 11.1.1 to 12.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/juice/releases\"\u003ejuice's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add data-juice-important attribute  7cb46ac\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/Automattic/juice/compare/v12.0.0...v12.1.0\"\u003ehttps://github.com/Automattic/juice/compare/v12.0.0...v12.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch1\u003eJuice 12\u003c/h1\u003e\n\u003cp\u003eModernizes the entire stack: ESM-only, PostCSS-based parsers to support CSS Nesting + spec-correct selector specificity, Node 22.12+ floor, Vitest 4.\u003c/p\u003e\n\u003ch2\u003eBreaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJuice is now ESM-only.\u003c/strong\u003e CJS consumers on \u003cstrong\u003eNode ≥ 22.12\u003c/strong\u003e keep working transparently via Node's built-in \u003ccode\u003erequire(esm)\u003c/code\u003e interop. Older Node versions need to upgrade.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNode ≥ 22.12.0 required.\u003c/strong\u003e Drops support for Node 18 and Node 20. CI matrix is now Node 22, 24, 26.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBrowser\u003c/strong\u003e: \u003ccode\u003eclient.js\u003c/code\u003e is ESM. Modern bundlers (Vite, webpack 5, esbuild, Rollup, Parcel 2+) handle it via the \u003ccode\u003e\u0026quot;browser\u0026quot;\u003c/code\u003e condition in the \u003ccode\u003eexports\u003c/code\u003e map. \u003cstrong\u003eBrowserify is no longer supported\u003c/strong\u003e, it cannot parse ESM. README updated to point at modern bundlers.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS parser swapped\u003c/strong\u003e: \u003ccode\u003emensch\u003c/code\u003e → \u003ccode\u003epostcss\u003c/code\u003e + \u003ccode\u003epostcss-safe-parser\u003c/code\u003e. Selector parser swapped: \u003ccode\u003eslick\u003c/code\u003e → \u003ccode\u003epostcss-selector-parser\u003c/code\u003e. Both old libs were unmaintained since 2022. Inlining semantics unchanged; preserved-CSS output inside \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e blocks is now canonically formatted (mensch had quirks like \u003ccode\u003e;}\u003c/code\u003e squashed onto one line). 4 fixture \u003ccode\u003e.out\u003c/code\u003e files refreshed to match.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSpec-correct selector specificity\u003c/strong\u003e for \u003ccode\u003e:is()\u003c/code\u003e, \u003ccode\u003e:where()\u003c/code\u003e, \u003ccode\u003e:has()\u003c/code\u003e, \u003ccode\u003e:not()\u003c/code\u003e per CSS Selectors Level 4: \u003ccode\u003e:where(...)\u003c/code\u003e contributes 0, the others contribute \u003ccode\u003emax(spec(args))\u003c/code\u003e. Previously juice treated all four as a generic \u003ccode\u003e:pseudo\u003c/code\u003e and \u003ccode\u003e:not\u003c/code\u003e used \u0026quot;first arg only\u0026quot; (a slick legacy). Any cascade resolution that depended on the old quirks will produce different inlined styles.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ecommander\u003c/code\u003e upgraded to v14\u003c/strong\u003e, \u003cstrong\u003e\u003ccode\u003eentities\u003c/code\u003e upgraded to v8\u003c/strong\u003e (ESM-only), \u003cstrong\u003e\u003ccode\u003echeerio\u003c/code\u003e pinned to \u003ccode\u003e1.2.0\u003c/code\u003e\u003c/strong\u003e.\u003c/li\u003e\n\u003cli\u003eTypeScript declarations renamed \u003ccode\u003ejuice.d.ts → index.d.ts\u003c/code\u003e and restructured for ESM default-export resolution. Import as \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Nesting (Level 1) is supported.\u003c/strong\u003e Nested rules (\u003ccode\u003e.card { \u0026amp;:hover { ... } }\u003c/code\u003e), nested at-rules (\u003ccode\u003e.card { @media (...) { ... } }\u003c/code\u003e), the \u003ccode\u003e\u0026amp;\u003c/code\u003e parent selector, and bare nested selectors (per the 2023 CSSWG resolution) are flattened via \u003ccode\u003epostcss-nesting\u003c/code\u003e before inlining. Previously these were silently dropped. No behavior change for already-flat CSS.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@container\u003c/code\u003e and \u003ccode\u003e@layer\u003c/code\u003e at-rules are preserved\u003c/strong\u003e through inlining (mirrors how \u003ccode\u003e@media\u003c/code\u003e/\u003ccode\u003e@font-face\u003c/code\u003e/\u003ccode\u003e@keyframes\u003c/code\u003e already worked). New options \u003ccode\u003epreserveContainerQueries\u003c/code\u003e and \u003ccode\u003epreserveLayers\u003c/code\u003e default to \u003ccode\u003etrue\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eLong-standing crashes/hangs in \u003ccode\u003e:not(a, b, …)\u003c/code\u003e are gone\u003c/strong\u003e as a side effect of the parser swap — the underlying causes of \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/390\"\u003e#390\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/471\"\u003e#471\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/398\"\u003e#398\u003c/a\u003e were quirks in mensch/slick that don't exist in postcss.\u003c/li\u003e\n\u003cli\u003eTypeScript types ship via the \u003ccode\u003etypes\u003c/code\u003e condition in \u003ccode\u003eexports\u003c/code\u003e and resolve correctly under \u003ccode\u003enodenext\u003c/code\u003e module resolution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTooling\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTest runner: Mocha → Vitest 4\u003c/strong\u003e with \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e. New scripts: \u003ccode\u003enpm test\u003c/code\u003e, \u003ccode\u003enpm run test:watch\u003c/code\u003e, \u003ccode\u003enpm run coverage\u003c/code\u003e. The previously broken \u003ccode\u003etestcover\u003c/code\u003e script is gone.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCLI extraction\u003c/strong\u003e: \u003ccode\u003ebin/juice\u003c/code\u003e's logic moved into \u003ccode\u003elib/cli.js\u003c/code\u003e as a testable \u003ccode\u003ecli.run(argv, deps)\u003c/code\u003e with dependency injection. The bin itself is now a 3-line ESM shim.\u003c/li\u003e\n\u003cli\u003eTest files renamed: \u003ccode\u003ecli.js → cli.test.js\u003c/code\u003e, \u003ccode\u003etest.js → integration.test.js\u003c/code\u003e, \u003ccode\u003erun.js → cases.test.js\u003c/code\u003e. TypeScript test now uses a dedicated \u003ccode\u003etest/typescript/tsconfig.json\u003c/code\u003e with \u003ccode\u003enodenext\u003c/code\u003e resolution.\u003c/li\u003e\n\u003cli\u003eTest assertions migrated from Node's \u003ccode\u003eassert\u003c/code\u003e to Vitest's \u003ccode\u003eexpect\u003c/code\u003e: better failure diffs, more matchers, idiomatic.\u003c/li\u003e\n\u003cli\u003eRemoved devDependencies: \u003ccode\u003emocha\u003c/code\u003e, \u003ccode\u003eshould\u003c/code\u003e, \u003ccode\u003ebatch\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e. Added: \u003ccode\u003evitest\u003c/code\u003e, \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e, \u003ccode\u003epostcss\u003c/code\u003e, \u003ccode\u003epostcss-safe-parser\u003c/code\u003e, \u003ccode\u003epostcss-selector-parser\u003c/code\u003e, \u003ccode\u003epostcss-nesting\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMigration notes\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eScenario\u003c/th\u003e\n\u003cth\u003eAction needed\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eNode 18 or 20 user\u003c/td\u003e\n\u003ctd\u003eUpgrade to Node 22.12+\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003econst juice = require('juice')\u003c/code\u003e on Node ≥22.12\u003c/td\u003e\n\u003ctd\u003eNone, \u003ccode\u003erequire(esm)\u003c/code\u003e handles it\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003econst juice = require('juice')\u003c/code\u003e on older Node\u003c/td\u003e\n\u003ctd\u003eUpgrade Node, or switch to \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eTypeScript \u003ccode\u003eimport juice = require('juice')\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003eSwitch to \u003ccode\u003eimport juice from 'juice'\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003ejuice/client\u003c/code\u003e via Browserify\u003c/td\u003e\n\u003ctd\u003eSwitch bundler (Vite, webpack 5, esbuild, Rollup, Parcel 2+)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing \u003ccode\u003e:is/:where/:has\u003c/code\u003e in email CSS\u003c/td\u003e\n\u003ctd\u003eSpecificity is now per-spec; cascade may resolve differently\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing \u003ccode\u003e@container\u003c/code\u003e or \u003ccode\u003e@layer\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003eThey now pass through inlining instead of being silently dropped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eUsing CSS Nesting\u003c/td\u003e\n\u003ctd\u003eWas silently dropped — now flattened and inlined correctly\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Automattic/juice/blob/master/CHANGELOG.md\"\u003ejuice's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eUnreleased\u003c/h1\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJuice is now ESM-only.\u003c/strong\u003e Consumers using \u003ccode\u003erequire('juice')\u003c/code\u003e from CJS on Node ≥ 22.12 will continue to work via Node's built-in \u003ccode\u003erequire(esm)\u003c/code\u003e interop. CJS consumers on older Node versions will need to migrate to \u003ccode\u003eimport\u003c/code\u003e or upgrade Node.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNode ≥ 22.12.0 required.\u003c/strong\u003e Dropped support for Node 18 and Node 20. CI now runs on Node 22, 24, and 26.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBrowser:\u003c/strong\u003e the package's \u003ccode\u003eclient.js\u003c/code\u003e entry is now ESM. Modern bundlers (Vite, webpack 5, esbuild, Rollup, Parcel 2+) handle it transparently via the \u003ccode\u003e\u0026quot;browser\u0026quot;\u003c/code\u003e condition in \u003ccode\u003eexports\u003c/code\u003e. \u003cstrong\u003eBrowserify is no longer supported\u003c/strong\u003e — it cannot parse ESM.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS parser replaced\u003c/strong\u003e: \u003ccode\u003emensch\u003c/code\u003e → \u003ccode\u003epostcss\u003c/code\u003e + \u003ccode\u003epostcss-safe-parser\u003c/code\u003e. Selector parser replaced: \u003ccode\u003eslick\u003c/code\u003e → \u003ccode\u003epostcss-selector-parser\u003c/code\u003e. Both old libs were unmaintained since 2022 and mis-handled modern CSS. Inlining behaviour is unchanged; preserved-CSS output inside \u003ccode\u003e\u0026lt;style\u0026gt;\u003c/code\u003e blocks is now canonically formatted (fixes mensch quirks like \u003ccode\u003e;}\u003c/code\u003e squashed on one line and \u003ccode\u003e0%,\\n100%\u003c/code\u003e selector splits).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSpecificity is now spec-correct for \u003ccode\u003e:is()\u003c/code\u003e, \u003ccode\u003e:where()\u003c/code\u003e, \u003ccode\u003e:has()\u003c/code\u003e, and \u003ccode\u003e:not()\u003c/code\u003e\u003c/strong\u003e (CSS Selectors Level 4). \u003ccode\u003e:where(...)\u003c/code\u003e contributes 0; \u003ccode\u003e:is(...)\u003c/code\u003e, \u003ccode\u003e:has(...)\u003c/code\u003e, and \u003ccode\u003e:not(...)\u003c/code\u003e contribute the maximum specificity across their arguments. Previously juice treated all four as a generic \u003ccode\u003e:pseudo\u003c/code\u003e and \u003ccode\u003e:not\u003c/code\u003e used \u0026quot;first argument only\u0026quot; (a slick legacy). Any cascade resolution that depended on the old quirks will produce different inlined styles.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@container\u003c/code\u003e and \u003ccode\u003e@layer\u003c/code\u003e at-rules are now preserved\u003c/strong\u003e through inlining (mirroring \u003ccode\u003e@media\u003c/code\u003e / \u003ccode\u003e@font-face\u003c/code\u003e / \u003ccode\u003e@keyframes\u003c/code\u003e). New options \u003ccode\u003epreserveContainerQueries\u003c/code\u003e and \u003ccode\u003epreserveLayers\u003c/code\u003e default to \u003ccode\u003etrue\u003c/code\u003e; pass \u003ccode\u003efalse\u003c/code\u003e to drop them. Note: \u003ccode\u003e@layer\u003c/code\u003e is preserved verbatim only — layer-aware cascade resolution is not implemented (email clients don't support layers anyway).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCSS Nesting is now supported.\u003c/strong\u003e Nested rules (\u003ccode\u003e.card { \u0026amp;:hover { ... } }\u003c/code\u003e), nested at-rules (\u003ccode\u003e.card { @media (min-width: 600px) { ... } }\u003c/code\u003e), and the \u003ccode\u003e\u0026amp;\u003c/code\u003e parent selector are flattened via \u003ccode\u003epostcss-nesting\u003c/code\u003e before inlining. Previously, nested rules were silently dropped during parsing. No behaviour change for already-flat CSS.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecommander\u003c/code\u003e upgraded to v14. Positional CLI arguments are now declared explicitly via \u003ccode\u003e.argument()\u003c/code\u003e (commander v14 errors on excess undeclared args).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eentities\u003c/code\u003e upgraded to v8 (ESM-only).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003echeerio\u003c/code\u003e pinned to \u003ccode\u003e1.2.0\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTypeScript declarations renamed \u003ccode\u003ejuice.d.ts → index.d.ts\u003c/code\u003e and restructured for ESM default-export resolution (\u003ccode\u003eimport juice from 'juice'\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eTest runner migrated from Mocha to \u003cstrong\u003eVitest 4\u003c/strong\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003enpm test\u003c/code\u003e now runs \u003ccode\u003evitest run --coverage \u0026amp;\u0026amp; npm run test-typescript\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003enpm run coverage\u003c/code\u003e script using \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e (replaces the previously broken \u003ccode\u003etestcover\u003c/code\u003e script).\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003enpm run test:watch\u003c/code\u003e for interactive development.\u003c/li\u003e\n\u003cli\u003eTest files renamed: \u003ccode\u003etest/cli.js → test/cli.test.js\u003c/code\u003e, \u003ccode\u003etest/test.js → test/integration.test.js\u003c/code\u003e, \u003ccode\u003etest/run.js → test/cases.test.js\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebin/juice\u003c/code\u003e extracted: the CLI logic now lives in \u003ccode\u003elib/cli.js\u003c/code\u003e as a testable \u003ccode\u003ecli.run(argv, deps)\u003c/code\u003e function with dependency injection. The bin itself is a 3-line ESM shim.\u003c/li\u003e\n\u003cli\u003eTypeScript test now uses a dedicated \u003ccode\u003etest/typescript/tsconfig.json\u003c/code\u003e with \u003ccode\u003enodenext\u003c/code\u003e module resolution.\u003c/li\u003e\n\u003cli\u003eRemoved devDependencies: \u003ccode\u003emocha\u003c/code\u003e, \u003ccode\u003eshould\u003c/code\u003e, \u003ccode\u003ebatch\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e. Added: \u003ccode\u003evitest\u003c/code\u003e, \u003ccode\u003e@vitest/coverage-v8\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epackage.json\u003c/code\u003e now declares \u003ccode\u003e\u0026quot;type\u0026quot;: \u0026quot;module\u0026quot;\u003c/code\u003e and an \u003ccode\u003e\u0026quot;exports\u0026quot;\u003c/code\u003e map with \u003ccode\u003etypes\u003c/code\u003e / \u003ccode\u003ebrowser\u003c/code\u003e / \u003ccode\u003edefault\u003c/code\u003e conditions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/54c05d23b219615d8dabdffcd98f6f0788189936\"\u003e\u003ccode\u003e54c05d2\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/20182771a9c64d7e47eb5453b8927c53372bf71e\"\u003e\u003ccode\u003e2018277\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/620\"\u003e#620\u003c/a\u003e from Automattic/feat/data-juice-important\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/7cb46ac1e92b240676b4fe06b0ae8bfe0e62bc80\"\u003e\u003ccode\u003e7cb46ac\u003c/code\u003e\u003c/a\u003e feat: add data-juice-important attribute\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/5afeb2123a3ce7112696fa665de308f4d9288c48\"\u003e\u003ccode\u003e5afeb21\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/aafcd9433c90db4fa63d5d40b3b253f54a12f41f\"\u003e\u003ccode\u003eaafcd94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/612\"\u003e#612\u003c/a\u003e from Automattic/juice-12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/ac5f477308e1b75697a8b1a694ec568efa7ea653\"\u003e\u003ccode\u003eac5f477\u003c/code\u003e\u003c/a\u003e 12.0.0-beta.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/7c4e39487a6abf4597eb13ea94bfc2bcb4c01ed2\"\u003e\u003ccode\u003e7c4e394\u003c/code\u003e\u003c/a\u003e feat: add data-juice-duplicates attribute\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/826aa05c9202bb31efaa2f992683f03706039dbc\"\u003e\u003ccode\u003e826aa05\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into juice-12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/40744f449b314394a7e72e3d46b2b24c9252cf37\"\u003e\u003ccode\u003e40744f4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/617\"\u003e#617\u003c/a\u003e from Automattic/dependabot/npm_and_yarn/qs-6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Automattic/juice/commit/f668dba007019d4442cb86654cca95020c11c706\"\u003e\u003ccode\u003ef668dba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Automattic/juice/issues/616\"\u003e#616\u003c/a\u003e from Automattic/dependabot/npm_and_yarn/js-yaml-4.2.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Automattic/juice/compare/v11.1.1...v12.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mjml` from 4.18.0 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mjmlio/mjml/releases\"\u003emjml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolved numerous production security vulnerabilities by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3089\"\u003emjmlio/mjml#3089\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHardened dependency graph, upgraded CLI watcher stack, CLI watch behaviour fix by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3093\"\u003emjmlio/mjml#3093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReverted glob to earlier version solving Lerna conflict, upgraded js-cookie by \u003ca href=\"https://github.com/totocap\"\u003e\u003ccode\u003e@​totocap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3101\"\u003emjmlio/mjml#3101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgraded checkout/setup-node actions and set Node24 JS actions runtime by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3097\"\u003emjmlio/mjml#3097\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed minor typo in docs by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3098\"\u003emjmlio/mjml#3098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.2...v5.3.0\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.2...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIn CLI, relative \u003ccode\u003eincludePath\u003c/code\u003e entries are now resolved against \u003ccode\u003eprocess.cwd()\u003c/code\u003e before being passed to \u003ccode\u003emjml-core\u003c/code\u003e, so e.g. \u003ccode\u003e--config.includePath '[\u0026quot;layouts\u0026quot;]\u003c/code\u003e' works correctly when the template lives in a subdirectory by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduced warnings on denied mj-includes for CLI by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated documentation by adding an important message concerning the switch in \u003ccode\u003eallowIncludes\u003c/code\u003e (CLI) \u003ccode\u003eignoreIncludes\u003c/code\u003e (Node) by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3092\"\u003emjmlio/mjml#3092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.1...v5.2.2\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.1...v5.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emj-accordion\u003c/code\u003e elements were closed by default in new versions of Outlook by \u003ca href=\"https://github.com/dazgreer\"\u003e\u003ccode\u003e@​dazgreer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/mjmlio/mjml/pull/3088\"\u003emjmlio/mjml#3088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/mjmlio/mjml/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/mjmlio/mjml/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eWe've updated the beautification process in MJML and are moving back to js-beautify.\u003c/p\u003e\n\u003cp\u003eAs part of MJML 5, we introduced changes to the beautification stack, including replacing js-beautify with Prettier and later Biome. While these changes addressed earlier dependency concerns (which are no longer present), they also introduced performance and output issues for some users, including significantly slower processing times in certain environments.\u003c/p\u003e\n\u003cp\u003eOur priority right now is stability and predictable output, so we're reverting to the long-standing but updated js-beautify implementation while we continue evaluating longer-term improvements to the beautification pipeline.\u003c/p\u003e\n\u003cp\u003eThanks to everyone who reported issues and shared feedback over the last few weeks, it helped us identify and resolve the problems much faster.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/d236786b347dd9366acfb2e1cb1a8d7cbe280804\"\u003e\u003ccode\u003ed236786\u003c/code\u003e\u003c/a\u003e v5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/e810f15d526597e1c256f07c76848b4631e30f8e\"\u003e\u003ccode\u003ee810f15\u003c/code\u003e\u003c/a\u003e chore(deps,cli,ci): harden dependency graph and add watch/packaging regressions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/ca71423f656e0be316327bfdf49ccbfcdf92b858\"\u003e\u003ccode\u003eca71423\u003c/code\u003e\u003c/a\u003e fix(dependencies): resolve security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/6c109f634f610f952650d2c1edbcb481ac92730c\"\u003e\u003ccode\u003e6c109f6\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/d23232825cf634b92b9f24742b7b3a9042185c32\"\u003e\u003ccode\u003ed232328\u003c/code\u003e\u003c/a\u003e fix(mjml-cli): resolve includePath from cwd, warn on denied/ignored mj-include\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/175f954712d71cdfabaf685f5727f446f2401084\"\u003e\u003ccode\u003e175f954\u003c/code\u003e\u003c/a\u003e v5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/7ba15a2a08991f1c0eedcd0faed5c566f0c937fb\"\u003e\u003ccode\u003e7ba15a2\u003c/code\u003e\u003c/a\u003e v5.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/ecfdf440c5033b3e29b6502744b88ceb219e352b\"\u003e\u003ccode\u003eecfdf44\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/mjmlio/mjml/tree/HEAD/packages/mjml/issues/3084\"\u003e#3084\u003c/a\u003e from mjmlio/bugfix/handle-async-watch-compilation-in-v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/7bcbe0a0eb4c5cbce74faa800d60798e1f38b40f\"\u003e\u003ccode\u003e7bcbe0a\u003c/code\u003e\u003c/a\u003e bugfix(mjml-cli): handle async watch compilation in v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mjmlio/mjml/commit/07f2e9909ced57b5c55d2bd96e525bf6b59f45ee\"\u003e\u003ccode\u003e07f2e99\u003c/code\u003e\u003c/a\u003e v5.2.0-beta.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mjmlio/mjml/commits/v5.3.0/packages/mjml\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pg` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md\"\u003epg's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epg@8.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3521\"\u003eSASL SCRAM\u003c/a\u003e server error responses properly.\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3667\"\u003enode@26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escramMaxIterations\u003c/code\u003e \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3677\"\u003econfig option\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eclient.getTransactionStatus()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/brianc/node-postgres/pull/3645\"\u003emethod\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/544b1ce8152bc280e398dc1e8a66920abe6a640e\"\u003e\u003ccode\u003e544b1ce\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/cc03fa5cdf0f1e67b2518ebad5cf2269206aa49c\"\u003e\u003ccode\u003ecc03fa5\u003c/code\u003e\u003c/a\u003e Add scramMaxIterations option to limit SCRAM iteration count (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3677\"\u003e#3677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/f776327b3fcdd997c67e866ef7c620ef9c26b3f2\"\u003e\u003ccode\u003ef776327\u003c/code\u003e\u003c/a\u003e Remove compatibility code for unsupported versions of Node (\u0026lt;16) (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3678\"\u003e#3678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/f252870eba73c15449b57562e6698b5859e32095\"\u003e\u003ccode\u003ef252870\u003c/code\u003e\u003c/a\u003e cleanup: pg utils (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3675\"\u003e#3675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/c8da6ab9326d93005e6947217cf665f707e08ec7\"\u003e\u003ccode\u003ec8da6ab\u003c/code\u003e\u003c/a\u003e Assorted test cleanup (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3673\"\u003e#3673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/fa47e73349786c2a76db98801d60c05371b0a906\"\u003e\u003ccode\u003efa47e73\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003eClient#end\u003c/code\u003e callback being called multiple times when first is no-op (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/88a7e60c7191ce8061d6276b299895bf5511e042\"\u003e\u003ccode\u003e88a7e60\u003c/code\u003e\u003c/a\u003e cleanup: Move declaration to more natural place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/2095247a7b10ebe19cd7d518e07ee2f259dda70a\"\u003e\u003ccode\u003e2095247\u003c/code\u003e\u003c/a\u003e cleanup: Combine duplicated code in \u003ccode\u003eClient#query\u003c/code\u003e and avoid unneeded early n...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/0ac3eddef6481f4e4f9359c65d3c0cfd7d2124e1\"\u003e\u003ccode\u003e0ac3edd\u003c/code\u003e\u003c/a\u003e fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3669\"\u003e#3669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brianc/node-postgres/commit/be880d45552269f0b847a3e568014bde6536eae3\"\u003e\u003ccode\u003ebe880d4\u003c/code\u003e\u003c/a\u003e Assorted test fixes and cleanup (\u003ca href=\"https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3672\"\u003e#3672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `twilio` from 5.13.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/releases\"\u003etwilio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003cstrong\u003eRelease Notes\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eConversations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate actions api visibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-05-07\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003einclude store api\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ca href=\"https://twilio.com/docs/libraries/reference/twilio-node/6.0.2/index.html\"\u003eDocs\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003cstrong\u003eRelease Notes\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eTwiml\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSet \u003ccode\u003erecording_configuration_id\u003c/code\u003e attribute to public visibility in \u003ccode\u003e\u0026lt;Conference\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Dial\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Record\u0026gt;\u003c/code\u003e verbs and \u003ccode\u003e\u0026lt;Recording\u0026gt;\u003c/code\u003e noun\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApi\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAuthy\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003ev1\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eAdded Authy API v1 under \u003ccode\u003e/v1\u003c/code\u003e — initial onboarding of Public API (\u003ccode\u003e/v1/protected/*\u003c/code\u003e), Device API (\u003ccode\u003e/v1/json/*\u003c/code\u003e), and Dashboard API (\u003ccode\u003e/v1/dashboard/*\u003c/code\u003e) behind REST Proxy using transparent proxy mode.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData-ingress\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eCreateDataSync\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteCloudAppDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteWarehouseDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-20\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eMinor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-17\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eupdated operationId for dataplane APIs,Minor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-15\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003elibraryVisibility to private\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdded 1 new path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/v1/DataSyncs/Latest\u003c/code\u003e (GetLatestDataSyncs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eRemove Prefer/Async-Operation headers\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/CHANGES.md\"\u003etwilio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2026-05-07] Version 6.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eConversations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate actions api visibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-05-07\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003einclude store api\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2026-05-06] Version 6.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eTwiml\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSet \u003ccode\u003erecording_configuration_id\u003c/code\u003e attribute to public visibility in \u003ccode\u003e\u0026lt;Conference\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Dial\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Record\u0026gt;\u003c/code\u003e verbs and \u003ccode\u003e\u0026lt;Recording\u0026gt;\u003c/code\u003e noun\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApi\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAuthy\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003ev1\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eAdded Authy API v1 under \u003ccode\u003e/v1\u003c/code\u003e — initial onboarding of Public API (\u003ccode\u003e/v1/protected/*\u003c/code\u003e), Device API (\u003ccode\u003e/v1/json/*\u003c/code\u003e), and Dashboard API (\u003ccode\u003e/v1/dashboard/*\u003c/code\u003e) behind REST Proxy using transparent proxy mode.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData-ingress\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eCreateDataSync\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteCloudAppDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdated description for \u003ccode\u003eDeleteWarehouseDataset\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-20\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eMinor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-17\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003eupdated operationId for dataplane APIs,Minor updates (formatting, metadata)\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-15\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003elibraryVisibility to private\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdded 1 new path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/v1/DataSyncs/Latest\u003c/code\u003e (GetLatestDataSyncs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMemory\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eRemove Prefer/Async-Operation headers\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-21\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eContent updates\u003c/strong\u003e:\u003c/li\u003e\n\u003cli\u003eAdded 301 response for \u003ccode\u003eListIdentifiers\u003c/code\u003e and \u003ccode\u003eGetIdentifier\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded 308 response for \u003ccode\u003eDeleteProfile\u003c/code\u003e, \u003ccode\u003eCreateIdentifier\u003c/code\u003e, \u003ccode\u003ePatchIdentifier\u003c/code\u003e, and \u003ccode\u003eDeleteIdentifier\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\n\u003ch2\u003e2026-04-14\u003c/h2\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eModified 1 path(s)\u003c/strong\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eUpgrade guide\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/UPGRADE.md\"\u003etwilio's upgrade guide\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eUpgrade Guide\u003c/h1\u003e\n\u003cp\u003e\u003cem\u003eAll \u003ccode\u003eMAJOR\u003c/code\u003e version bumps will have upgrade notes posted here.\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003e[2026-04-20] 5.x.x to 6.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003ch3\u003eOverview\u003c/h3\u003e\n\u003cp\u003eTwilio Node Helper Library’s major version 6.0.0 is now available. We ensured that you can upgrade to Node Helper Library 6.0.0 version without any breaking changes to existing APIs.\u003c/p\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eMinimum Node.js version raised to 20\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Node.js versions below 20\u003c/li\u003e\n\u003cli\u003eUpgrade to Node.js \u0026gt;= 20 before updating to \u003ccode\u003etwilio\u003c/code\u003e 6.x.x\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2024-03-07] 4.x.x to 5.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003ch3\u003eOverview\u003c/h3\u003e\n\u003ch4\u003eTwilio Node Helper Library’s major version 5.0.0 is now available. We ensured that you can upgrade to Node helper Library 5.0.0 version without any breaking changes of existing apis\u003c/h4\u003e\n\u003cp\u003eBehind the scenes Node Helper is now auto-generated via OpenAPI with this release. This enables us to rapidly add new features and enhance consistency across versions and languages.\nWe're pleased to inform you that version 5.0.0 adds support for the application/json content type in the request body.\u003c/p\u003e\n\u003ch2\u003e[2023-01-25] 3.x.x to 4.x.x\u003c/h2\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node.js versions updated\n\u003cul\u003e\n\u003cli\u003eUpgrade to Node.js \u0026gt;= 14\u003c/li\u003e\n\u003cli\u003eDropped support for Node.js \u0026lt; 14 (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Node.js 18 (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/794\"\u003e#794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eLazy loading enabled by default (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/752\"\u003e#752\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eRequired Twilio modules now lazy load by default\u003c/li\u003e\n\u003cli\u003eSee the \u003ca href=\"https://github.com/twilio/twilio-node/blob/main/README.md#lazy-loading\"\u003eREADME\u003c/a\u003e for how to disable lazy loading\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eType changes from \u003ccode\u003eobject\u003c/code\u003e to \u003ccode\u003eRecord\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/873\"\u003e#873\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eCertain response properties now use the \u003ccode\u003eRecord\u003c/code\u003e type with \u003ccode\u003estring\u003c/code\u003e keys\u003c/li\u003e\n\u003cli\u003eIncluding the \u003ccode\u003esubresourceUris\u003c/code\u003e property for v2010 APIs and the \u003ccode\u003elinks\u003c/code\u003e properties for non-v2010 APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAccess Tokens\n\u003cul\u003e\n\u003cli\u003eCreating an \u003ca href=\"https://www.twilio.com/docs/iam/access-tokens\"\u003eAccessToken\u003c/a\u003e requires an \u003ccode\u003eidentity\u003c/code\u003e in the options (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/875\"\u003e#875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eConversationsGrant\u003c/code\u003e has been deprecated in favor of \u003ccode\u003eVoiceGrant\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eIpMessagingGrant\u003c/code\u003e has been removed (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eTwiML function deprecations (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/pull/788\"\u003e#788\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.twilio.com/docs/voice/twiml/refer\"\u003e\u003ccode\u003e\u0026lt;Refer\u0026gt;\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eRefer.referSip()\u003c/code\u003e replaced by \u003ccode\u003eRefer.sip()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.twilio.com/docs/voice/twiml/say/text-speech#generating-ssml-via-helper-libraries\"\u003e\u003ccode\u003e\u0026lt;Say\u0026gt;\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSay.ssmlBreak()\u003c/code\u003e and \u003ccode\u003eSay.break_()\u003c/code\u003e replaced by \u003ccode\u003eSay.break()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSay.ssmlEmphasis()\u003c/code\u003e replaced by \u003ccode\u003eSay.emphasis()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/e9e546985dcc293e4f71888160725739e7b28c37\"\u003e\u003ccode\u003ee9e5469\u003c/code\u003e\u003c/a\u003e Release 6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/fd93dfa35ac018b0e5b952d83a46165cb9ffe6d7\"\u003e\u003ccode\u003efd93dfa\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 18d7938080...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/c4d7168c9aca1e5e87cd7fa524e5f70233448d6d\"\u003e\u003ccode\u003ec4d7168\u003c/code\u003e\u003c/a\u003e Release 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/04a89ce606cb756b66bc94a57224f700afd3ce59\"\u003e\u003ccode\u003e04a89ce\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 e2fda0239d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/d6b406f7fbe54f49448eb4ddb6f39e4be8429cb0\"\u003e\u003ccode\u003ed6b406f\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ 40ca64a22aef42a337cb49d1d4e4c4f48ae3b6e4 21ed5806ef...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/3e96b64bd245d506a8fc450d0d34ab18c459eae6\"\u003e\u003ccode\u003e3e96b64\u003c/code\u003e\u003c/a\u003e chore: mvr 6.0.0 release prep (\u003ca href=\"https://redirect.github.com/twilio/twilio-node/issues/1186\"\u003e#1186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/447a23d308f2df937ba924c4bd1f7062ff21a281\"\u003e\u003ccode\u003e447a23d\u003c/code\u003e\u003c/a\u003e Release 5.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twilio/twilio-node/commit/6267242ba7219e78decf2156c84db8a78dfc3a4c\"\u003e\u003ccode\u003e6267242\u003c/code\u003e\u003c/a\u003e [Librarian] Regenerated @ 40ca64a22aef42a337cb49d1d4e4c4f48ae3b6e4 21ed5806ef...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/twilio/twilio-node/compare/5.13.1...6.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typeorm` from 0.3.26 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typeorm/typeorm/releases\"\u003etypeorm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.0.0\u003c/h2\u003e\n\u003cp\u003eTypeORM v1.0 is here! 🥳\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e👉 For a structured walk-through of the changes in v1.0 — breaking changes, new features, security fixes, and the upgrade path from 0.3.x — see the \u003ca href=\"https://typeorm.io/docs/releases/1.0/release-notes\"\u003ev1.0 Release Notes\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eThis release includes breaking changes. See the \u003ca href=\"https://typeorm.io/docs/releases/1.0/upgrading-from-0.3\"\u003ev1.0 Upgrade Guide\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: include joined entity primary keys in pagination subquery by \u003ca href=\"https://github.com/mag123c\"\u003e\u003ccode\u003e@​mag123c\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/typeorm/typeorm/pull/11669\"\u003etypeorm/typeorm#11669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(postgres): add support for PostgreSQL indices by...\n\n_Description has been truncated_","html_url":"https://github.com/rodekruis/IBF-system/pull/2749","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodekruis%2FIBF-system/issues/2749","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2749/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-06-08T01:00:18.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4609314824","node_id":"PR_kwDOBwapYs7juBlo","number":8833,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 33 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T01:00:18.000Z","updated_at":"2026-06-08T01:06:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":33,"packages":[{"name":"@apollo/gateway","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@apollo/subgraph","old_version":"2.14.0","new_version":"2.14.1","repository_url":"https://github.com/apollographql/federation"},{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@confluentinc/kafka-javascript","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/confluentinc/confluent-kafka-javascript"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.7","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@electron/packager","old_version":"20.0.0","new_version":"20.0.1","repository_url":"https://github.com/electron/packager"},{"name":"@google-cloud/pubsub","old_version":"5.3.0","new_version":"5.3.1","repository_url":"https://github.com/googleapis/google-cloud-node"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@koa/router","old_version":"15.5.0","new_version":"15.6.0","repository_url":"https://github.com/koajs/router"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"axios","old_version":"1.16.1","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.3","repository_url":"https://github.com/electron/electron"},{"name":"graphql","old_version":"16.14.0","new_version":"16.14.1","repository_url":"https://github.com/graphql/graphql-js"},{"name":"graphql-yoga","old_version":"5.21.0","new_version":"5.21.1","repository_url":"https://github.com/graphql-hive/graphql-yoga"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"next","old_version":"16.2.6","new_version":"16.2.7","repository_url":"https://github.com/vercel/next.js"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"oracledb","old_version":"6.10.0","new_version":"7.0.0","repository_url":"https://github.com/oracle/node-oracledb"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.5.1","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.6.0","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"react","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.6","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 33 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@apollo/gateway](https://github.com/apollographql/federation/tree/HEAD/gateway-js) | `2.14.0` | `2.14.1` |\n| [@apollo/subgraph](https://github.com/apollographql/federation/tree/HEAD/subgraph-js) | `2.14.0` | `2.14.1` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@confluentinc/kafka-javascript](https://github.com/confluentinc/confluent-kafka-javascript) | `1.9.0` | `1.9.1` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.7` |\n| [@electron/packager](https://github.com/electron/packager) | `20.0.0` | `20.0.1` |\n| [@google-cloud/pubsub](https://github.com/googleapis/google-cloud-node/tree/HEAD/handwritten/pubsub) | `5.3.0` | `5.3.1` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@koa/router](https://github.com/koajs/router) | `15.5.0` | `15.6.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.1` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.78.0` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.3` |\n| [graphql](https://github.com/graphql/graphql-js) | `16.14.0` | `16.14.1` |\n| [graphql-yoga](https://github.com/graphql-hive/graphql-yoga/tree/HEAD/packages/graphql-yoga) | `5.21.0` | `5.21.1` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [oracledb](https://github.com/oracle/node-oracledb) | `6.10.0` | `7.0.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.5.1` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.6.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@apollo/gateway` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/gateway's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/gateway\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/gateway-js/CHANGELOG.md\"\u003e@​apollo/gateway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePass instrumentation scope version as a separate argument when creating the OpenTelemetry meter for telemetry. Fixes \u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3436\"\u003e#3436\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/apollographql/federation/pull/3439\"\u003e#3439\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/621568719382df6592749168893e0e533a648ba5\"\u003e\u003ccode\u003e621568719382df6592749168893e0e533a648ba5\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/composition\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/query-planner\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/cdc1810d1b9ec8cab06c1a38ca1ba8c019abd316\"\u003e\u003ccode\u003ecdc1810\u003c/code\u003e\u003c/a\u003e Update gateway tracing name to match ingestion side expectations (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3446\"\u003e#3446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/d9c721c5a93220c59970beb5750ef86044b52a10\"\u003e\u003ccode\u003ed9c721c\u003c/code\u003e\u003c/a\u003e Pass scope version as a separate argument in telemetry instantiation (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/gateway-js/issues/3439\"\u003e#3439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/gateway@2.14.1/gateway-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/subgraph` from 2.14.0 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/releases\"\u003e@​apollo/subgraph's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/subgraph\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/federation/blob/main/subgraph-js/CHANGELOG.md\"\u003e@​apollo/subgraph's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.14.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/federation/commit/278eb0fc2bc0ef13ba371407df04cfe50fa2887d\"\u003e\u003ccode\u003e278eb0fc2bc0ef13ba371407df04cfe50fa2887d\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/apollographql/federation/commit/8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\"\u003e\u003ccode\u003e8bb88f9c7b90addd5ef29f9e4a3f9c027e6cf690\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/federation-internals\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.14.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/federation/commit/582d2d29938a940405625232d4eef25db0f7045d\"\u003e\u003ccode\u003e582d2d2\u003c/code\u003e\u003c/a\u003e release: on branch main (\u003ca href=\"https://github.com/apollographql/federation/tree/HEAD/subgraph-js/issues/3443\"\u003e#3443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apollographql/federation/commits/@apollo/subgraph@2.14.1/subgraph-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@confluentinc/kafka-javascript` from 1.9.0 to 1.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/releases\"\u003e@​confluentinc/kafka-javascript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003ev1.9.1-rc1 is a maintenance release candidate. It is not supported.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2-RC3. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2-RC3\"\u003elibrdkafka v2.14.2-RC3 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returns undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/blob/master/CHANGELOG.md\"\u003e@​confluentinc/kafka-javascript's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003econfluent-kafka-javascript 1.9.1\u003c/h1\u003e\n\u003cp\u003ev1.9.1 is a maintenance release. It is supported for all usage.\u003c/p\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eReferences librdkafka v2.14.2. Refer to the \u003ca href=\"https://github.com/confluentinc/librdkafka/releases/tag/v2.14.2\"\u003elibrdkafka v2.14.2 release notes\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eHandle anyOf/allOf in JSON transforms (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e to \u003ccode\u003ePromise\u0026lt;Array\u0026lt;ITopicMetadata\u0026gt;\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eMemberDescription\u003c/code\u003e shape returned by \u003ccode\u003eadmin.describeGroups\u003c/code\u003e so \u003ccode\u003eassignment\u003c/code\u003e/\u003ccode\u003etargetAssignment\u003c/code\u003e wrap a \u003ccode\u003etopicPartitions\u003c/code\u003e array and \u003ccode\u003ememberAssignment\u003c/code\u003e/\u003ccode\u003ememberMetadata\u003c/code\u003e are nullable (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect the TypeScript \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type returned by \u003ccode\u003eadmin.fetchOffsets\u003c/code\u003e to \u003ccode\u003eLibrdKafkaError | null\u003c/code\u003e, matching the runtime which always populates the field. It never returnes undefined. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/489\"\u003e#489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect broken \u0026quot;types\u0026quot; path so TS consumers get types (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error callback passing and object to the logger instead of a string (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix security vulnerabilities in dependencies (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle missing Protobuf message index bytes in ProtobufDeserializer (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/481\"\u003e#481\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/cf4cf8fff87d9e62e50ba341ec4edc8c34d6704f\"\u003e\u003ccode\u003ecf4cf8f\u003c/code\u003e\u003c/a\u003e v1.9.1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/494\"\u003e#494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/1c06ed05847d5e60b9b3e323a688edab857e4946\"\u003e\u003ccode\u003e1c06ed0\u003c/code\u003e\u003c/a\u003e v1.9.1-rc1 (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/493\"\u003e#493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/eacb098cc1b45bcfa8040fc94ee9d1d7fcb3fb31\"\u003e\u003ccode\u003eeacb098\u003c/code\u003e\u003c/a\u003e [fix] pass string as first arg to user logger on error events (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/9357d60067604e9fc581f0eba90183a00c2c0ff5\"\u003e\u003ccode\u003e9357d60\u003c/code\u003e\u003c/a\u003e NONJAVACLI-4353: bump axios and pin transitive deps for CVE fixes (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/ce56a23219c03893b5efe6c8054ef4a7d72eecbe\"\u003e\u003ccode\u003ece56a23\u003c/code\u003e\u003c/a\u003e Resolve IHeaders import for installed clients (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/492\"\u003e#492\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/59e32516fc5ad585ca6fd03fff0d9fd92a5665d8\"\u003e\u003ccode\u003e59e3251\u003c/code\u003e\u003c/a\u003e fix(package.json): correct broken \u0026quot;types\u0026quot; path (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/484\"\u003e#484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/f92eace3bb1d631f0779b94875f82b85de82d4a6\"\u003e\u003ccode\u003ef92eace\u003c/code\u003e\u003c/a\u003e [Typescript] Fix \u003ccode\u003eFetchOffsetsPartition.error\u003c/code\u003e type from \u003ccode\u003e|| undefined\u003c/code\u003e to `|...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/2e82d006febcca3fb73be53d3ae9ed6d81abe733\"\u003e\u003ccode\u003e2e82d00\u003c/code\u003e\u003c/a\u003e Fix the typescript return type for admin.describeGroups() per \u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/487\"\u003e#487\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/488\"\u003e#488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/685bdb2f125e33f9349af00596c878b05e69e693\"\u003e\u003ccode\u003e685bdb2\u003c/code\u003e\u003c/a\u003e Correct the TypeScript return type of \u003ccode\u003eadmin.fetchTopicMetadata\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/486\"\u003e#486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/commit/6ef5fd264bafd7dcbb7247f045fb7d86547e4055\"\u003e\u003ccode\u003e6ef5fd2\u003c/code\u003e\u003c/a\u003e DGS-24227 Preserve custom subjectNameStrategy in serde constructors (\u003ca href=\"https://redirect.github.com/confluentinc/confluent-kafka-javascript/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/confluentinc/confluent-kafka-javascript/compare/v1.9.0...v1.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.7\u003c/h2\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emark timed-out nodes dead when retryOnTimeout is false by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/382\"\u003eelastic/elastic-transport-js#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.6...v9.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/65a258563e0cd7d1f4c8aff6f66ba60ef0b8dad3\"\u003e\u003ccode\u003e65a2585\u003c/code\u003e\u003c/a\u003e fix: mark timed-out nodes dead when retryOnTimeout is false (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/382\"\u003e#382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/68389bab3b4e0388f62dd1226f86c259bc88e059\"\u003e\u003ccode\u003e68389ba\u003c/code\u003e\u003c/a\u003e chore(deps): pin actions/github-script action to f28e40c (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a657bd6e4a1dc95242a228f1eece39cf9d34e08c\"\u003e\u003ccode\u003ea657bd6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to 8530f76 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/668d8050d7fb83d381a352f08fbfd572f014dcae\"\u003e\u003ccode\u003e668d805\u003c/code\u003e\u003c/a\u003e ci: add AI backport resolver (gh-aw prompt + issue_comment trigger) (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/4fe6d59752f56ce7dd0e02514c108a0f299b8e02\"\u003e\u003ccode\u003e4fe6d59\u003c/code\u003e\u003c/a\u003e ci: point to clients-team-automations instead of devtools (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/eaca5eb8c049ef3b1e73f0205e89ca3d2c4bdcd0\"\u003e\u003ccode\u003eeaca5eb\u003c/code\u003e\u003c/a\u003e fix: remove non-ASCII characters causing workflow parse failure (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/375\"\u003e#375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/ca6bf3fe78a469016fa3b135734822488e697bd5\"\u003e\u003ccode\u003eca6bf3f\u003c/code\u003e\u003c/a\u003e ci: replace thin caller with full AI backport resolver workflow (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@electron/packager` from 20.0.0 to 20.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/packager/releases\"\u003e@​electron/packager's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003e20.0.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eswap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e) (\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e0ff6c2a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0ff6c2a14f6842ee2f549183a52f16a03001292c\"\u003e\u003ccode\u003e0ff6c2a\u003c/code\u003e\u003c/a\u003e fix: swap \u003ccode\u003eextract-zip\u003c/code\u003e with \u003ccode\u003e@electron-internal/extract-zip\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1917\"\u003e#1917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/0076a3658e19470f836dae4fd5accbf7dff896a9\"\u003e\u003ccode\u003e0076a36\u003c/code\u003e\u003c/a\u003e chore: bump vitest from 3.2.4 to 4.1.0 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1916\"\u003e#1916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0413a0907368e68530c027c18cb62e3bcfc81f3\"\u003e\u003ccode\u003eb0413a0\u003c/code\u003e\u003c/a\u003e chore: bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1915\"\u003e#1915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/eed530c1afba2ede9e9f356ec2001668f35adbe6\"\u003e\u003ccode\u003eeed530c\u003c/code\u003e\u003c/a\u003e ci: add a GitHub Actions Completed job (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1914\"\u003e#1914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/b0eb94de5be7cd96780d948e91374d916fa723bf\"\u003e\u003ccode\u003eb0eb94d\u003c/code\u003e\u003c/a\u003e build(dev-deps): drop tsx (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1908\"\u003e#1908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/56f519fb32d478896996e80177dc85e5d7a6489f\"\u003e\u003ccode\u003e56f519f\u003c/code\u003e\u003c/a\u003e build: remove parse-author dependency (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1912\"\u003e#1912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/23cb235c1ea8fead4597664cd62bdfdeccb73c9f\"\u003e\u003ccode\u003e23cb235\u003c/code\u003e\u003c/a\u003e chore: bump ip-address from 10.0.1 to 10.1.1 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1913\"\u003e#1913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/feb3114f21d96f3424fed6fc0e0199fb81bba2c0\"\u003e\u003ccode\u003efeb3114\u003c/code\u003e\u003c/a\u003e chore: bump the non-major-version-updates group with 4 updates (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1911\"\u003e#1911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/555715325a2d9ac31f8759ce77fdbdda15bb8d4d\"\u003e\u003ccode\u003e5557153\u003c/code\u003e\u003c/a\u003e chore: bump postcss from 8.5.6 to 8.5.10 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1910\"\u003e#1910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/packager/commit/d71c96bdecf90e18efb0236b0cd28dc1e6a37ba8\"\u003e\u003ccode\u003ed71c96b\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 (\u003ca href=\"https://redirect.github.com/electron/packager/issues/1909\"\u003e#1909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/electron/packager/compare/v20.0.0...v20.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@google-cloud/pubsub` from 5.3.0 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/releases\"\u003e@​google-cloud/pubsub's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003epubsub: v5.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/google-cloud-node/blob/main/handwritten/pubsub/CHANGELOG.md\"\u003e@​google-cloud/pubsub's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/google-cloud-node/compare/pubsub-v5.3.0...pubsub-v5.3.1\"\u003e5.3.1\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump all node submodules (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/8178\"\u003e#8178\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/9fd76eff87b1cf02db6205f141449b31e8ab7d8f\"\u003e9fd76ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epubsub:\u003c/strong\u003e Remove messages from leasing on nackWithResponse (\u003ca href=\"https://redirect.github.com/googleapis/google-cloud-node/issues/7817\"\u003e#7817\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/google-cloud-node/commit/841f0ca06d3d70278bb1d0c99535ad3c73c3d5d4\"\u003e841f0ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/google-cloud-node/commits/dns-v5.3.1/handwritten/pubsub\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@koa/router` from 15.5.0 to 15.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/router/releases\"\u003e@​koa/router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: drop node v20 from ci pipeline  b5f9b6c\u003c/li\u003e\n\u003cli\u003echore: update *.md docs files  d586f45\u003c/li\u003e\n\u003cli\u003echore: add more tests + bump deps  7148fd1\u003c/li\u003e\n\u003cli\u003efix: hide internal rest param from prefixed middleware  99a6ae6\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ehttps://github.com/koajs/router/compare/v15.5.0...v15.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/5b989fe0e37a4e1044287ba3fc935f5d0d623702\"\u003e\u003ccode\u003e5b989fe\u003c/code\u003e\u003c/a\u003e v15.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/b5f9b6cee1e9822074ff45c7abaf7aab1743dc3a\"\u003e\u003ccode\u003eb5f9b6c\u003c/code\u003e\u003c/a\u003e ci: drop node v20 from ci pipeline\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/d586f450ee0e92dd71ab995adfb1a535bcf55fba\"\u003e\u003ccode\u003ed586f45\u003c/code\u003e\u003c/a\u003e chore: update *.md docs files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/7148fd1491ca9b116cdf52fa3446d235539137f8\"\u003e\u003ccode\u003e7148fd1\u003c/code\u003e\u003c/a\u003e chore: add more tests + bump deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/router/commit/99a6ae6a259cc26b8227288a99303b7bc7f597a1\"\u003e\u003ccode\u003e99a6ae6\u003c/code\u003e\u003c/a\u003e fix: hide internal rest param from prefixed middleware\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/router/compare/v15.5.0...v15.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.16.1 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRequest Data Merging:\u003c/strong\u003e Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10812\"\u003e#10812\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBundler Compatibility:\u003c/strong\u003e Converted \u003ccode\u003eresolveConfig\u003c/code\u003e from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10891\"\u003e#10891\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Corrected \u003ccode\u003eAxiosHeaders.toJSON()\u003c/code\u003e return types and updated CommonJS \u003ccode\u003eisCancel\u003c/code\u003e typings to narrow to \u003ccode\u003eCanceledError\u0026lt;T\u0026gt;\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10956\"\u003e#10956\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10952\"\u003e#10952\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild Tooling:\u003c/strong\u003e Avoided emitting a null \u003ccode\u003eAuthorization\u003c/code\u003e header from the GitHub build helper when \u003ccode\u003eGITHUB_TOKEN\u003c/code\u003e is unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10931\"\u003e#10931\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2 Internals:\u003c/strong\u003e Extracted \u003ccode\u003eHttp2Sessions\u003c/code\u003e into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10861\"\u003e#10861\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePackage Publishing:\u003c/strong\u003e Reduced published package size by switching to a \u003ccode\u003efiles\u003c/code\u003e allowlist and dropping unneeded unminified bundle source maps. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10939\"\u003e#10939\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI and Release Automation:\u003c/strong\u003e Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10907\"\u003e#10907\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10911\"\u003e#10911\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10916\"\u003e#10916\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10927\"\u003e#10927\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/ax...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8833","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8833","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8833/packages"}},{"old_version":"3.1.9","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-06-03T21:38:09.000Z","version_change":"3.1.9 → 3.1.10","issue":{"uuid":"4583836234","node_id":"PR_kwDON2NuTs7ibOBU","number":5,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 33 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":["HiromiShikata"],"locked":true,"comments_count":2,"pull_request":true,"closed_at":"2026-06-14T02:11:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-03T21:38:09.000Z","updated_at":"2026-06-14T02:11:57.000Z","time_to_close":880427,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":33,"packages":[{"name":"@babel/helpers","old_version":"7.23.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.23.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.12.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.20.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.19.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.1","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.6","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"launch-editor","old_version":"2.6.1","new_version":"2.14.1","repository_url":"https://github.com/vitejs/launch-editor"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.5","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.6","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"yaml","old_version":"2.3.3","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"},{"name":"rollup","old_version":"2.79.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.89.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.14.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.9","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 27 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.23.2` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.23.0` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.19.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.1` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [launch-editor](https://github.com/vitejs/launch-editor) | `2.6.1` | `2.14.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n| [yaml](https://github.com/eemeli/yaml) | `2.3.3` | `2.9.0` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.89.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.14.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.11` |\n\n\nUpdates `@babel/helpers` from 7.23.2 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.23.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.12.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci...\n\n_Description has been truncated_","html_url":"https://github.com/HiromiShikata/landy-react-template/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HiromiShikata%2Flandy-react-template/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-06-02T03:20:20.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4568102446","node_id":"PR_kwDOQMbXY87hnd9T","number":507,"state":"closed","title":"chore(deps): bump the all-npm-updates group with 2 updates","user":"dependabot[bot]","labels":["automated","dependencies"],"assignees":["gogorichie"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-02T08:01:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-02T03:20:20.000Z","updated_at":"2026-06-10T01:49:50.000Z","time_to_close":16873,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"all-npm-updates","update_count":2,"packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"eslint","old_version":"10.4.0","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the all-npm-updates group with 2 updates: [ejs](https://github.com/mde/ejs) and [eslint](https://github.com/eslint/eslint).\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.4.0 to 10.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6d7c832950d5e92499d88e504080661f888f8f56\"\u003e\u003ccode\u003e6d7c832\u003c/code\u003e\u003c/a\u003e chore: ignore fflate updates in renovate (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20908\"\u003e#20908\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b2c86382164d87c6203b78d52068cd6a2a6ffe30\"\u003e\u003ccode\u003eb2c8638\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20889\"\u003e#20889\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a9b8d7f74c50211701cfc49710fa541fd91b2aa5\"\u003e\u003ccode\u003ea9b8d7f\u003c/code\u003e\u003c/a\u003e chore: increase maxBuffer for ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20881\"\u003e#20881\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b702ead5e1ed7cb9f28238a454797662efb37396\"\u003e\u003ccode\u003eb702ead\u003c/code\u003e\u003c/a\u003e chore: update ecosystem update PR settings (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20884\"\u003e#20884\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/507f60e9a78c9a902bc8759f066ae17a1ea6cd81\"\u003e\u003ccode\u003e507f60e\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20882\"\u003e#20882\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/92f5c5bb6bf3a5d167c8ee53a430833410295c6d\"\u003e\u003ccode\u003e92f5c5b\u003c/code\u003e\u003c/a\u003e test: add unit test for message-count (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20878\"\u003e#20878\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/df321080af5758b1fa25e4b9a40e26135642dd6e\"\u003e\u003ccode\u003edf32108\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003e@​eslint/markdown\u003c/code\u003e and typescript-eslint ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20837\"\u003e#20837\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/327f91d36aa49f2a50ded931d841a16374fd875f\"\u003e\u003ccode\u003e327f91d\u003c/code\u003e\u003c/a\u003e chore: use includeIgnoreFile internally (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20876\"\u003e#20876\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f0dc4bd893fb3a9f44e4ddc3ad7063ffb0beacd3\"\u003e\u003ccode\u003ef0dc4bd\u003c/code\u003e\u003c/a\u003e chore: pin fflate@0.8.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20877\"\u003e#20877\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0f4bd257a67a082b756de746d9e0c4842ab764ca\"\u003e\u003ccode\u003e0f4bd25\u003c/code\u003e\u003c/a\u003e ci: run Discord alert for ecosystem test failures (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20873\"\u003e#20873\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4a3d15a99c452c4db2fd56b577fa7597e98ab0c2\"\u003e\u003ccode\u003e4a3d15a\u003c/code\u003e\u003c/a\u003e 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43e7e2bdc5c6cacc535446b7d23c10f780384ba8\"\u003e\u003ccode\u003e43e7e2b\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.4.0...v10.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Gogorichielab/PPCollection/pull/507","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gogorichielab%2FPPCollection/issues/507","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/507/packages"}},{"old_version":"3.1.6","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-06-01T23:01:09.000Z","version_change":"3.1.6 → 3.1.10","issue":{"uuid":"4566989322","node_id":"PR_kwDOHBES0M7hj3L2","number":8,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 32 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T23:01:09.000Z","updated_at":"2026-06-01T23:01:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":32,"packages":[{"name":"axios","old_version":"0.26.1","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"@babel/helpers","old_version":"7.17.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.10.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.19.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.3","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.4","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"ip","old_version":"1.1.5","new_version":"removed","repository_url":"https://github.com/indutny/node-ip"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.4","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.1","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"rollup","old_version":"2.70.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.70.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.5.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.7","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.26.1` | `0.32.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.17.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.10.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.3` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.4` | `2.0.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.1` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [rollup](https://github.com/rollup/rollup) | `2.70.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.70.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.5.0` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `axios` from 0.26.1 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.26.1...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.17.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.10.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.19.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cd...\n\n_Description has been truncated_","html_url":"https://github.com/geolonia/style-compare/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geolonia%2Fstyle-compare/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-06-01T01:46:05.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4559746417","node_id":"PR_kwDOBwapYs7hMQQF","number":8737,"state":"open","title":"chore(deps): bump the test-versions group across 1 directory with 20 updates","user":"dependabot[bot]","labels":["semver-patch","dependencies","javascript","dependabot"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-01T01:46:05.000Z","updated_at":"2026-06-01T01:51:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"test-versions","update_count":20,"packages":[{"name":"@babel/core","old_version":"7.29.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/preset-typescript","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@datadog/openfeature-node-server","old_version":"1.2.1","new_version":"2.0.0","repository_url":"https://github.com/DataDog/openfeature-js-client"},{"name":"@elastic/elasticsearch","old_version":"9.4.0","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-js"},{"name":"@elastic/transport","old_version":"9.3.5","new_version":"9.3.6","repository_url":"https://github.com/elastic/elastic-transport-js"},{"name":"@grpc/grpc-js","old_version":"1.14.3","new_version":"1.14.4","repository_url":"https://github.com/grpc/grpc-node"},{"name":"@hono/node-server","old_version":"2.0.3","new_version":"2.0.4","repository_url":"https://github.com/honojs/node-server"},{"name":"@types/node","old_version":"25.9.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"aerospike","old_version":"6.7.0","new_version":"6.7.1","repository_url":"https://github.com/aerospike/aerospike-client-nodejs"},{"name":"bullmq","old_version":"5.76.10","new_version":"5.77.6","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"},{"name":"electron","old_version":"42.1.0","new_version":"42.3.0","repository_url":"https://github.com/electron/electron"},{"name":"hono","old_version":"4.12.19","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"koa","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/koajs/koa"},{"name":"mariadb","old_version":"3.4.5","new_version":"3.5.2","repository_url":"https://github.com/mariadb-corporation/mariadb-connector-nodejs"},{"name":"npm","old_version":"11.14.1","new_version":"11.16.0","repository_url":"https://github.com/npm/cli"},{"name":"pnpm","old_version":"11.1.3","new_version":"11.4.0","repository_url":"https://github.com/pnpm/pnpm"},{"name":"protobufjs","old_version":"8.4.0","new_version":"8.4.2","repository_url":"https://github.com/protobufjs/protobuf.js"},{"name":"stripe","old_version":"22.1.1","new_version":"22.2.0","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ws","old_version":"8.20.1","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the test-versions group with 20 updates in the /packages/dd-trace/test/plugins/versions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.0` | `7.29.7` |\n| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.28.5` | `7.29.7` |\n| [@datadog/openfeature-node-server](https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server) | `1.2.1` | `2.0.0` |\n| [@elastic/elasticsearch](https://github.com/elastic/elasticsearch-js) | `9.4.0` | `9.4.2` |\n| [@elastic/transport](https://github.com/elastic/elastic-transport-js) | `9.3.5` | `9.3.6` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.14.3` | `1.14.4` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `2.0.3` | `2.0.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.0` | `25.9.1` |\n| [aerospike](https://github.com/aerospike/aerospike-client-nodejs) | `6.7.0` | `6.7.1` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.10` | `5.77.6` |\n| [ejs](https://github.com/mde/ejs) | `5.0.2` | `6.0.1` |\n| [electron](https://github.com/electron/electron) | `42.1.0` | `42.3.0` |\n| [hono](https://github.com/honojs/hono) | `4.12.19` | `4.12.23` |\n| [koa](https://github.com/koajs/koa) | `3.2.0` | `3.2.1` |\n| [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) | `3.4.5` | `3.5.2` |\n| [npm](https://github.com/npm/cli) | `11.14.1` | `11.16.0` |\n| [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `11.1.3` | `11.4.0` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.4.0` | `8.4.2` |\n| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.0` |\n| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |\n\n\nUpdates `@babel/core` from 7.29.0 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/04ea6b27fdac8f40c3481aec2080ac9678779509\"\u003e\u003ccode\u003e04ea6b2\u003c/code\u003e\u003c/a\u003e v7.29.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99f498a9b9fa0b900d603fbe8f6601bb3b9e42bb\"\u003e\u003ccode\u003e99f498a\u003c/code\u003e\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/18001\"\u003e#18001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/feba0a3654c596bd369d1ef1231f5d56666d56dc\"\u003e\u003ccode\u003efeba0a3\u003c/code\u003e\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-core/issues/17998\"\u003e#17998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/preset-typescript` from 7.28.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/preset-typescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f3a22268bdc4fc6748cbc2be718a4d1090bdaf00\"\u003e\u003ccode\u003ef3a2226\u003c/code\u003e\u003c/a\u003e [babel 7] Delete Babel 8 fixtures (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript/issues/17729\"\u003e#17729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-preset-typescript\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@datadog/openfeature-node-server` from 1.2.1 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/releases\"\u003e@​datadog/openfeature-node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add npm compatibility smoke test by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003eDataDog/openfeature-js-client#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003eDataDog/openfeature-js-client#283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: switch to lerna independent versioning by \u003ca href=\"https://github.com/sameerank\"\u003e\u003ccode\u003e@​sameerank\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003eDataDog/openfeature-js-client#288\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@datadog/openfeature-node-server@2.0.0\"\u003ehttps://github.com/DataDog/openfeature-js-client/compare/v1.2.1...@​datadog/openfeature-node-server@2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataDog/openfeature-js-client/blob/main/CHANGELOG.md\"\u003e@​datadog/openfeature-node-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​datadog/openfeature-browser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.2.2, \u003ccode\u003e@​datadog/openfeature-node-server\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version to prevent version skew [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echore: switch to lerna independent versioning (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: pin exact versions for internal dependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: add npm compatibility smoke test (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e This is the first stable release with the serialId feature. v1.2.0 had yarn syntax issues, v1.2.1 had loose dependency issues. \u003ccode\u003enode-server\u003c/code\u003e is bumped to 2.0.0 to prevent automatic upgrades by older dd-trace versions with unpinned dependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat(node): expose serial ID in flagMetadata for span enrichment (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/269\"\u003e#269\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003e👷 ci(deps): Bump dependabot/fetch-metadata (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eInternal Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e👷 ci(deps)(deps): Bump actions/setup-node in the github-actions group (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps)(deps): Bump tmp from 0.2.3 to 0.2.5 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/228\"\u003e#228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps-dev)(deps-dev): Bump glob from 11.1.0 to 13.0.6 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e👷 chore(deps): Bump axios from 1.13.4 to 1.15.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate missed touchpoints on v1.1.1 release\u003c/li\u003e\n\u003cli\u003efix: replace Map\u0026lt;string, string\u0026gt; constraint with CacheDelegate to avoid MapIterator in declarations (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/263\"\u003e#263\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/252\"\u003e#252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(browser): bump \u003ccode\u003e@​datadog/browser-core\u003c/code\u003e to ^6.33.0 (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/261\"\u003e#261\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/254\"\u003e#254\u003c/a\u003e) [BROWSER] [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eExecuting automated changes (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/253\"\u003e#253\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003echore(browser): move \u003ccode\u003e@​types/chrome\u003c/code\u003e from dependencies to devDependencies (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/250\"\u003e#250\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003efix(node): mark open \u003ccode\u003e@​openfeature/server-sdk\u003c/code\u003e as non-optional (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/248\"\u003e#248\u003c/a\u003e) [NODE-SERVER]\u003c/li\u003e\n\u003cli\u003eRemove nested attributes from setContext example (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/234\"\u003e#234\u003c/a\u003e) [BROWSER]\u003c/li\u003e\n\u003cli\u003echore: Harden npm supply chain with \u003ccode\u003e@​lavamoat/allow-scripts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/DataDog/openfeature-js-client/pull/233\"\u003e#233\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e*_ Bug Fixes_\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow null targeting key for static and rule-only flags (\u003ca href=\"https://github.com/DataDog/openfeature-js-client/tree/HEAD/packages/node-server/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes:\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/208293e04a79701c97f416665c51b6ccd02c089f\"\u003e\u003ccode\u003e208293e\u003c/code\u003e\u003c/a\u003e Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataDog/openfeature-js-client/commit/d81d422b2676b0202c8b3b8fd98c6bb6238ef8b1\"\u003e\u003ccode\u003ed81d422\u003c/code\u003e\u003c/a\u003e fix: pin \u003ccode\u003e@​datadog/flagging-core\u003c/code\u003e to exact version\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DataDog/openfeature-js-client/commits/@datadog/openfeature-node-server@2.0.0/packages/node-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/elasticsearch` from 9.4.0 to 9.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elasticsearch-js/releases\"\u003e@​elastic/elasticsearch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.4.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.2\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.4.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://www.elastic.co/docs/release-notes/elasticsearch/clients/javascript#elasticsearch-javascript-client-9.4.1\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/436cd88c09899bbbb48fc53174d08e8f73371a41\"\u003e\u003ccode\u003e436cd88\u003c/code\u003e\u003c/a\u003e bump 9.4.2 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3309\"\u003e#3309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/6cd7358e05b0fb70572f2766963ac44493e43417\"\u003e\u003ccode\u003e6cd7358\u003c/code\u003e\u003c/a\u003e fix: bulk operations check too strict [backport] (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3311\"\u003e#3311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/cabdb6606def80e8410d051c45d2e4f151541785\"\u003e\u003ccode\u003ecabdb66\u003c/code\u003e\u003c/a\u003e fix: backport globby removal and junit CI fixes to 9.4 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3303\"\u003e#3303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/47ca4ab865ff4fefb1e679d03078c90f3bb4b490\"\u003e\u003ccode\u003e47ca4ab\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3300\"\u003e#3300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/78a4391d247c7e1bef9f70264c053c981a9424a9\"\u003e\u003ccode\u003e78a4391\u003c/code\u003e\u003c/a\u003e [9.4] chore: update ESM patching for apache-arrow (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3294\"\u003e#3294\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/b88dca6c76756aa354f69ff0069fd40f4c198084\"\u003e\u003ccode\u003eb88dca6\u003c/code\u003e\u003c/a\u003e Auto-generated API code (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3290\"\u003e#3290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/bd7b2af7a6d2de7a09ebaf7ea725bbe57723d3d9\"\u003e\u003ccode\u003ebd7b2af\u003c/code\u003e\u003c/a\u003e 9.4.1 changelog (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3284\"\u003e#3284\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3285\"\u003e#3285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/4ff8dce1ae7ef54e514feac06925df94dbe8049a\"\u003e\u003ccode\u003e4ff8dce\u003c/code\u003e\u003c/a\u003e bump to 9.4.1 (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3283\"\u003e#3283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elasticsearch-js/commit/588c55aa25e438ef93f3d7bee46eb1964e0e1378\"\u003e\u003ccode\u003e588c55a\u003c/code\u003e\u003c/a\u003e [9.4] fix: throw errors properly when bulk helper uses a stream (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3281\"\u003e#3281\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/elastic/elasticsearch-js/issues/3282\"\u003e#3282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elasticsearch-js/compare/v9.4.0...v9.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@elastic/transport` from 9.3.5 to 9.3.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elastic/elastic-transport-js/releases\"\u003e@​elastic/transport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.6\u003c/h2\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003euse Buffer.concat for UTF-8 response body to prevent multi-byte character corruption by \u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent false NoLivingConnectionsError in WeightedConnectionPool by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/369\"\u003eelastic/elastic-transport-js#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprevent ConnectionError with empty message by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/370\"\u003eelastic/elastic-transport-js#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eensure Error.cause propagates by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/371\"\u003eelastic/elastic-transport-js#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse correct content-type on empty requests by \u003ca href=\"https://github.com/JoshMock\"\u003e\u003ccode\u003e@​JoshMock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/372\"\u003eelastic/elastic-transport-js#372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/joecwu\"\u003e\u003ccode\u003e@​joecwu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/pull/364\"\u003eelastic/elastic-transport-js#364\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ehttps://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5ef792abf78ba81e534e6dff0f398cef63b20383\"\u003e\u003ccode\u003e5ef792a\u003c/code\u003e\u003c/a\u003e fix: use correct content-type on empty requests (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d619d0d462c40104aca949a79a3e420c0037d4e9\"\u003e\u003ccode\u003ed619d0d\u003c/code\u003e\u003c/a\u003e fix: ensure Error.cause propagates (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5f1eab1b44707d6afb8c54513893ffc3e8c53fd8\"\u003e\u003ccode\u003e5f1eab1\u003c/code\u003e\u003c/a\u003e fix: prevent ConnectionError with empty message (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/d00c23dbc62e76df170c14ecf69e447e1cdbc8d3\"\u003e\u003ccode\u003ed00c23d\u003c/code\u003e\u003c/a\u003e Prevent false NoLivingConnectionsError in WeightedConnectionPool (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/2db86c63645189d51edde2608873b9dc303173d7\"\u003e\u003ccode\u003e2db86c6\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to e989123 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5895e4b8b52a1c8b9d9de43cdc424c0621613bb3\"\u003e\u003ccode\u003e5895e4b\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node digest to 48b55a0 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/367\"\u003e#367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/a2f607ced1208e135bfe70f7b48cb8109f42f463\"\u003e\u003ccode\u003ea2f607c\u003c/code\u003e\u003c/a\u003e fix: use Buffer.concat for UTF-8 response body to prevent multi-byte characte...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/5e789a3b51abef559a3417e91a6a5d7cbf54aa9a\"\u003e\u003ccode\u003e5e789a3\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to bb20cf7 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elastic/elastic-transport-js/commit/09b619dca674c085b70676ec25d8297f7ddaf595\"\u003e\u003ccode\u003e09b619d\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-node digest to 53b8394 (\u003ca href=\"https://redirect.github.com/elastic/elastic-transport-js/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elastic/elastic-transport-js/compare/v9.3.5...v9.3.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.14.3 to 1.14.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.14.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause servers to crash when handling malformed requests (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-5375-pq7m-f5r2\"\u003eadvisory GHSA-5375-pq7m-f5r2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients and servers to crash when handling malformed compressed messages (\u003ca href=\"https://github.com/grpc/grpc-node/security/advisories/GHSA-99f4-grh7-6pcq\"\u003eadvisory GHSA-99f4-grh7-6pcq\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a380735ba9b0351214f2faa578350a559dd486ff\"\u003e\u003ccode\u003ea380735\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3052\"\u003e#3052\u003c/a\u003e from murgatroid99/grpc-js_1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5b8d37b03d91122ec0b9bc5e27dd26ffa7448337\"\u003e\u003ccode\u003e5b8d37b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/6a97456cc88d2b74e1527b356de98bf8ee8d7a40\"\u003e\u003ccode\u003e6a97456\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/e5e0b1d3ff14fa7c5eeef10b309d694bc3ff7e96\"\u003e\u003ccode\u003ee5e0b1d\u003c/code\u003e\u003c/a\u003e grpc-js: Bump version to 1.14.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5029a2668164d1ba6de6ed4dcf6d35d5c4ff6cf4\"\u003e\u003ccode\u003e5029a26\u003c/code\u003e\u003c/a\u003e Make compression error a static string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/2fe55fd76a8bb59eaab5f39e3552b5f84985a163\"\u003e\u003ccode\u003e2fe55fd\u003c/code\u003e\u003c/a\u003e Fix crashes when receiving malformed compressed data\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/234f9172b2ff35e586ca7d4e788557aad5985668\"\u003e\u003ccode\u003e234f917\u003c/code\u003e\u003c/a\u003e Fix server crash when handling invalid requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/acef8d4adfa091188e9dd572cedf4d87b0f69b21\"\u003e\u003ccode\u003eacef8d4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/3043\"\u003e#3043\u003c/a\u003e from murgatroid99/rbac_types_change_fix_1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/4f3c58fda2136eb0038a39d54804acb06a8419ea\"\u003e\u003ccode\u003e4f3c58f\u003c/code\u003e\u003c/a\u003e grpc-js-xds: Update RBAC code to handle Node type change, pin \u003ccode\u003e@​types/node\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.14.3...@grpc/grpc-js@1.14.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 2.0.3 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: stub ws types to prevent them leaking in public types by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/359\"\u003ehonojs/node-server#359\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ehttps://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/9e1cdee836baeb13f33e857a582b29546185c324\"\u003e\u003ccode\u003e9e1cdee\u003c/code\u003e\u003c/a\u003e 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b4ca62216c9b537f1e56e0282bc8b5ee5b953b26\"\u003e\u003ccode\u003eb4ca622\u003c/code\u003e\u003c/a\u003e fix: stub ws types to prevent them leaking in public types (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/359\"\u003e#359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v2.0.3...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.9.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aerospike` from 6.7.0 to 6.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/releases\"\u003eaerospike's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[6.7.1]\u003c/h2\u003e\n\u003cp\u003eRelease Date: May 26, 2026\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress node.js client vulnerabilities reported by Dependabot. [CLIENT-4732]\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e...\n\u003cul\u003e\n\u003cli\u003eas a development dependency from 9.0.5 to 9.0.9.\u003c/li\u003e\n\u003cli\u003eas a runtime dependency from 3.1.2 to 3.1.5.\u003c/li\u003e\n\u003cli\u003eThis addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-27904\u003c/li\u003e\n\u003cli\u003eCVE-2026-27903\u003c/li\u003e\n\u003cli\u003eCVE-2026-26996\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003etar\u003c/code\u003e from 7.5.7 to 7.5.15. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-29786\u003c/li\u003e\n\u003cli\u003eCVE-2026-31802\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump runtime dependency \u003ccode\u003epicomatch\u003c/code\u003e from 4.0.3 to 4.0.4. This addresses CVE-2026-33671.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eprotobufjs\u003c/code\u003e from 7.5.4 to 7.5.8. This addresses the following vulnerabilities where protobufjs...\n\u003cul\u003e\n\u003cli\u003eis a runtime dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-41242\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eis a development dependency:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-44291\u003c/li\u003e\n\u003cli\u003eCVE-2026-44290\u003c/li\u003e\n\u003cli\u003eCVE-2026-44293\u003c/li\u003e\n\u003cli\u003eCVE-2026-44289\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eBump development dependency \u003ccode\u003eflatted\u003c/code\u003e from 3.3.3 to 3.4.2. This addresses:\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33228\u003c/li\u003e\n\u003cli\u003eCVE-2026-32141\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ehttps://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e64dca8645265de9f1c9fb697304296f0342474d\"\u003e\u003ccode\u003ee64dca8\u003c/code\u003e\u003c/a\u003e Forgot to update the rest of the jobs in the stage tests to convert the runne...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/e7e1fdfe4240ff118ff388f4205b121f9b4ae3e1\"\u003e\u003ccode\u003ee7e1fdf\u003c/code\u003e\u003c/a\u003e Fix syntax. TODO should add actionlint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c90678774e1f049310b04a5cdfdc7a14e2b6b9dc\"\u003e\u003ccode\u003ec906787\u003c/code\u003e\u003c/a\u003e Use shared workflow from aerospike/aerospike-client-python from dev commit no...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/35145f29ac91c6ac8e2f8a68bc89a22b71a263c5\"\u003e\u003ccode\u003e35145f2\u003c/code\u003e\u003c/a\u003e Fix syntax error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6486f505e6857c80e362349f39168dff84ddcf32\"\u003e\u003ccode\u003e6486f50\u003c/code\u003e\u003c/a\u003e Use the same syntax in aerospike-client-python to pass encoded json output to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/ff05b8cb767992e3a4354556e70fb56a0498be74\"\u003e\u003ccode\u003eff05b8c\u003c/code\u003e\u003c/a\u003e Rename SMA2 self hosted macos runner to the default labels used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/affd51c22e4cc317d5e186d29a25adf04c82b42d\"\u003e\u003ccode\u003eaffd51c\u003c/code\u003e\u003c/a\u003e Bump version to 6.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/c12499bdda4d9730d0319a4dc7c6c88a44bf1ee1\"\u003e\u003ccode\u003ec12499b\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Bump version to 6.7.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/6b6da3ae8379de9536d392a8961caba3e7556a2a\"\u003e\u003ccode\u003e6b6da3a\u003c/code\u003e\u003c/a\u003e Fix bug where artifacts for release bundles are built for the wrong revision ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/commit/242ad5bdbb487080a273bdc31b65f3fb899d3c68\"\u003e\u003ccode\u003e242ad5b\u003c/code\u003e\u003c/a\u003e Fix usage of promote-and-optionally-tag-release-bundle.yml in stage workflow.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aerospike/aerospike-client-nodejs/compare/v6.7.0...v6.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bullmq` from 5.76.10 to 5.77.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/taskforcesh/bullmq/releases\"\u003ebullmq's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.77.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.5...v5.77.6\"\u003e5.77.6\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e81709e4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.4...v5.77.5\"\u003e5.77.5\u003c/a\u003e (2026-05-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e411690e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.3...v5.77.4\"\u003e5.77.4\u003c/a\u003e (2026-05-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ededuplication:\u003c/strong\u003e preserve custom jobId when requeuing keepLastIfActive proto-jobs (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4190\"\u003e#4190\u003c/a\u003e) fixes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4030\"\u003e#4030\u003c/a\u003e (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e6e4972e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.2...v5.77.3\"\u003e5.77.3\u003c/a\u003e (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebun-redis:\u003c/strong\u003e remove per-command serialization to enable implicit pipelining (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4188\"\u003e#4188\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/685b0744cfeb273778420835010ec1b16b23e22a\"\u003e685b074\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.1...v5.77.2\"\u003e5.77.2\u003c/a\u003e (2026-05-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnection:\u003c/strong\u003e use more permissive typing on NodeRedisRawClient options (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4187\"\u003e#4187\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/0feec14452865c419961edb9c733f9951b6a663f\"\u003e0feec14\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4170\"\u003e#4170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.77.0...v5.77.1\"\u003e5.77.1\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econnections:\u003c/strong\u003e make sure we do not mutate ioredis (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4182\"\u003e#4182\u003c/a\u003e) (\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/75a66af36f7d56c149e070826a20116ea1ef5e7b\"\u003e75a66af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.77.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.76.11...v5.77.0\"\u003e5.77.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/81709e4abe71f4e7c05c748938ec004a50c1fd4b\"\u003e\u003ccode\u003e81709e4\u003c/code\u003e\u003c/a\u003e fix(types): change NodeRedisRawClient to be node-redis compliant (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4195\"\u003e#4195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/411690e9070ba0dda59a86628fc8b56ad9ebea04\"\u003e\u003ccode\u003e411690e\u003c/code\u003e\u003c/a\u003e fix(connection): handle cluster reconnection with timeouts (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4186\"\u003e#4186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/e7d7d874f615cc06a581332f3a6fb6db22da4fb9\"\u003e\u003ccode\u003ee7d7d87\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.4 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4197\"\u003e#4197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e4972e8fd721035d680ca291049134c3876f8ba\"\u003e\u003ccode\u003e6e4972e\u003c/code\u003e\u003c/a\u003e fix(deduplication): preserve custom jobId when requeuing keepLastIfActive pro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/6e20ecf370cf58ae0c72ac0e296b53f17724d6f3\"\u003e\u003ccode\u003e6e20ecf\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.3 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4193\"\u003e#4193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/685b0744cfeb273778420835010ec1b16b23e22a\"\u003e\u003ccode\u003e685b074\u003c/code\u003e\u003c/a\u003e perf(bun-redis): remove per-command serialization to enable implicit pipelini...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/4b0571dd20a19116c3be8e9cc20da7c40f31c4eb\"\u003e\u003ccode\u003e4b0571d\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.2 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4189\"\u003e#4189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/0feec14452865c419961edb9c733f9951b6a663f\"\u003e\u003ccode\u003e0feec14\u003c/code\u003e\u003c/a\u003e fix(connection): use more permissive typing on NodeRedisRawClient options (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/d8ed22297d4433d095ad669e845c35a30a18d918\"\u003e\u003ccode\u003ed8ed222\u003c/code\u003e\u003c/a\u003e chore(release): 5.77.1 (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/taskforcesh/bullmq/commit/75a66af36f7d56c149e070826a20116ea1ef5e7b\"\u003e\u003ccode\u003e75a66af\u003c/code\u003e\u003c/a\u003e fix(connections): make sure we do not mutate ioredis (\u003ca href=\"https://redirect.github.com/taskforcesh/bullmq/issues/4182\"\u003e#4182\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/taskforcesh/bullmq/compare/v5.76.10...v5.77.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 5.0.2 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `electron` from 42.1.0 to 42.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/electron/releases\"\u003eelectron's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eelectron v42.3.0\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v42.3.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded Linux support for \u003ccode\u003eapp.getApplicationInfoForProtocol()\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51680\"\u003e#51680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded Notification.remove(), removeAll(), and removeGroup() static methods for macOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51691\"\u003e#51691\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51690\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eAdded session support to net module requests from utility process. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51698\"\u003e#51698\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003eprocess\u003c/code\u003e and other Node globals were undefined in ESM preload scripts when \u003ccode\u003econtextIsolation\u003c/code\u003e was disabled. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51726\"\u003e#51726\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51723\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed native addon compilation failure with undefined msvc intrinsic from v8 headers. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51706\"\u003e#51706\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51705\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Chromium to 148.0.7778.180. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51600\"\u003e#51600\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v42.2.0\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v42.2.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAllowed the \u003ccode\u003e--experimental-inspector-network-resource\u003c/code\u003e Node.js flag to be passed through Electron. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51378\"\u003e#51378\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51377\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed crash for Notification close. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51657\"\u003e#51657\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/51656\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/51655\"\u003e43\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported fixes for a use-after-free in touch-event queue teardown, a runtime-effect validation gap in Skia image filters, and an integer overflow in the GLSL translator. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51646\"\u003e#51646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fixes for an out-of-bounds write in WebAudio worklet setup, a heap overflow in the ANGLE GL backend, a use-after-free in the GTK Wayland platform, an accessibility tree-state validation issue, and an integer overflow in text bidi handling. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51666\"\u003e#51666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved performance of \u003ccode\u003eapp.getApplicationNameForProtocol()\u003c/code\u003e on Linux. \u003ca href=\"https://redirect.github.com/electron/electron/pull/51628\"\u003e#51628\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDocumentation changes: \u003ca href=\"https://redirect.github.com/electron/electron/pull/51688\"\u003e#51688\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/e0127e99aeaa66bb580538fc7409831b5248cccb\"\u003e\u003ccode\u003ee0127e9\u003c/code\u003e\u003c/a\u003e chore: bump chromium to 148.0.7778.180 (42-x-y) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51600\"\u003e#51600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/b07916bfa5b7cb5056c36c0cf4769849941d7ce1\"\u003e\u003ccode\u003eb07916b\u003c/code\u003e\u003c/a\u003e ci: unpin homebrew version (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51762\"\u003e#51762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/6aac40e76ca1eace7b13f5c5451b586e010fe558\"\u003e\u003ccode\u003e6aac40e\u003c/code\u003e\u003c/a\u003e refactor: api::utilityProcessWrapper managed by cppgc (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50955\"\u003e#50955\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51752\"\u003e#51752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/bb52cd543ded7b33e1232c3d8d743c8fa8387d8e\"\u003e\u003ccode\u003ebb52cd5\u003c/code\u003e\u003c/a\u003e chore: do not require infr singoff for github workflows/actions (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51738\"\u003e#51738\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51\"\u003e#51\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/fd02b05625e0e4a950e45a67642d8fba95510689\"\u003e\u003ccode\u003efd02b05\u003c/code\u003e\u003c/a\u003e refactor: rm chore_add_electron_objects_to_wrappablepointertag.patch (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51734\"\u003e#51734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/34102a58a53d64c992d37bd745db49ecee1b5a30\"\u003e\u003ccode\u003e34102a5\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003eprocess\u003c/code\u003e undefined in ESM preload when contextIsolation is disabled (\u003ca href=\"https://redirect.github.com/electron/electron/issues/5\"\u003e#5\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/09d7d7af4d9e87dfe86f445790f0f699d3aedc96\"\u003e\u003ccode\u003e09d7d7a\u003c/code\u003e\u003c/a\u003e feat: add Linux support for \u003ccode\u003eapp.getApplicationInfoForProtocol()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/electron/electron/issues/5\"\u003e#5\u003c/a\u003e… (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51680\"\u003e#51680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/bbf87a7d991ca4bafb03717adc157413fb729d18\"\u003e\u003ccode\u003ebbf87a7\u003c/code\u003e\u003c/a\u003e feat: add remove, removeAll, and removeGroup for notifications API (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51691\"\u003e#51691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/c9598c82e42f52b772e96b4b6d2bff04465fedde\"\u003e\u003ccode\u003ec9598c8\u003c/code\u003e\u003c/a\u003e feat: add http cache support to requests from utility process (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51698\"\u003e#51698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/102aebe84143dceb32e7de7ffed64755ca47c20d\"\u003e\u003ccode\u003e102aebe\u003c/code\u003e\u003c/a\u003e ci: set no color output during build (\u003ca href=\"https://redirect.github.com/electron/electron/issues/51709\"\u003e#51709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/electron/electron/compare/v42.1.0...v42.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.12.19 to 4.12.23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(serve-static): normalize all backslashes in file paths, not just the first in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4962\"\u003ehonojs/hono#4962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(context): export the Context class publicly by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4543\"\u003ehonojs/hono#4543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(contribution): add AI Usage Policy by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4970\"\u003ehonojs/hono#4970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(compress): add contentTypeFilter option and \u003ccode\u003eCOMPRESSIBLE_CONTENT_TYPE_REGEX\u003c/code\u003e re-export by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4961\"\u003ehonojs/hono#4961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4971\"\u003ehonojs/hono#4971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.22...v4.12.23\"\u003ehttps://github.com/honojs/hono/compare/v4.12.22...v4.12.23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: update vitest to v4 and cleanups by \u003ca href=\"https://github.com/BlankParticle\"\u003e\u003ccode\u003e@​BlankParticle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4952\"\u003ehonojs/hono#4952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(mime): specify charset parameter per MIME type instead of mechanical detection by \u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(compress): respect Accept-Encoding when encoding option is set by \u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deno): echo negotiated WebSocket subprotocol in upgrade response by \u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add msgpack as a compressible content type by \u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/renatograsso10\"\u003e\u003ccode\u003e@​renatograsso10\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4912\"\u003ehonojs/hono#4912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/LeSingh1\"\u003e\u003ccode\u003e@​LeSingh1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4951\"\u003ehonojs/hono#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ATOM00blue\"\u003e\u003ccode\u003e@​ATOM00blue\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4955\"\u003ehonojs/hono#4955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/na-trium-144\"\u003e\u003ccode\u003e@​na-trium-144\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4957\"\u003ehonojs/hono#4957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.21...v4.12.22\"\u003ehttps://github.com/honojs/hono/compare/v4.12.21...v4.12.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/83bfb3bb4a12c1d92c163a39e907df5d662ff78d\"\u003e\u003ccode\u003e83bfb3b\u003c/code\u003e\u003c/a\u003e 4.12.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/bcd290a64c0b392fd06d2bd1f256c5dc9835e4a4\"\u003e\u003ccode\u003ebcd290a\u003c/code\u003e\u003c/a\u003e fix(utils/ipaddr): do not compress a single 0 group to \u003ccode\u003e::\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4971\"\u003e#4971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c968177d9c11ddc7c7cca57c384497f11a6d60ae\"\u003e\u003ccode\u003ec968177\u003c/code\u003e\u003c/a\u003e feat(compress): add contentTypeFilter option and `COMPRESSIBLE_CONTENT_TYPE_R...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/0265a5453a7c272417eaa22b93d3fb319d2188ed\"\u003e\u003ccode\u003e0265a54\u003c/code\u003e\u003c/a\u003e docs(contribution): add AI Usage Policy (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c84c5d2d46ca6a78c316529491d42ab7bb956368\"\u003e\u003ccode\u003ec84c5d2\u003c/code\u003e\u003c/a\u003e feat(context): export the Context class publicly (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4543\"\u003e#4543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/82dad6297c90c33c41bf48b4530509a21588ad06\"\u003e\u003ccode\u003e82dad62\u003c/code\u003e\u003c/a\u003e fix(serve-static): normalize all backslashes in file paths, not just the firs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/2f01b774b168911d24e4864fb66054f5de9d9a4e\"\u003e\u003ccode\u003e2f01b77\u003c/code\u003e\u003c/a\u003e 4.12.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6bc0dff277684ee50ace6dc87a7ad73a9c131c99\"\u003e\u003ccode\u003e6bc0dff\u003c/code\u003e\u003c/a\u003e feat: add msgpack as a compressible content type (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4957\"\u003e#4957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/7e0555d14c72d4204347ac9afaae32ba5c013ab9\"\u003e\u003ccode\u003e7e0555d\u003c/code\u003e\u003c/a\u003e fix(deno): echo negotiated WebSocket subprotocol in upgrade response (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/f0ed2465913f2a89ebdf65cc54d6254915fc3ff6\"\u003e\u003ccode\u003ef0ed246\u003c/code\u003e\u003c/a\u003e fix(compress): respect Accept-Encoding when encoding option is set (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4951\"\u003e#4951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `koa` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/koajs/koa/releases\"\u003ekoa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: request.length overflows on Content-Length \u0026gt; 2GB by \u003ca href=\"https://github.com/tejgokani\"\u003e\u003ccode\u003e@​tejgokani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1961\"\u003ekoajs/koa#1961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tejgokani\"\u003e\u003ccode\u003e@​tejgokani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/koajs/koa/pull/1961\"\u003ekoajs/koa#1961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/koajs/koa/compare/v3.2.0...v3.2.1\"\u003ehttps://github.com/koajs/koa/compare/v3.2.0...v3.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/6984592d41946ed746f15afcb05554e073f64dad\"\u003e\u003ccode\u003e6984592\u003c/code\u003e\u003c/a\u003e 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koajs/koa/commit/3f3ac48904229f807939d13ab49fdf8262a7aa08\"\u003e\u003ccode\u003e3f3ac48\u003c/code\u003e\u003c/a\u003e fix: request.length overflows on Content-Length \u0026gt; 2GB (\u003ca href=\"https://redirect.github.com/koajs/koa/issues/1961\"\u003e#1961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/koajs/koa/compare/v3.2.0...v3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mariadb` from 3.4.5 to 3.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/releases\"\u003emariadb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.2\"\u003e3.5.2\u003c/a\u003e (Mar 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.1...3.5.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-342 Resolved TypeScript compilation errors introduced in mariadb-connector-nodejs v3.5.1\u003c/li\u003e\n\u003cli\u003eCONJS-343 Fixed an issue where batch operations would hang when provided with empty array parameter values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.1\"\u003e3.5.1\u003c/a\u003e (Feb 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.0-rc.0...3.5.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-338 Add asyncDispose support for Connection, PoolConnection and Pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/250\"\u003e#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add default type parameter to Prepare interface and fix executeStream generic \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/334\"\u003e#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add wildcard for values params on Prepare\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-331 Plugin authentication change correction\u003c/li\u003e\n\u003cli\u003eCONJS-335 Deno compatibility: send COM_QUIT synchronously to prevent socket cleanup race condition\u003c/li\u003e\n\u003cli\u003eCONJS-336 Connection attribute _server_host send host, but IP resulting of name resolution\u003c/li\u003e\n\u003cli\u003eCONJS-340 Fix pool connection event to emit wrapped connections and prevent user errors from breaking pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/342\"\u003e#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-341 Support charset + collation combination in connection options \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/337\"\u003e#337\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMariaDB Connector/Node.js 3.5.0 RC\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.0-rc.0\"\u003e3.5.0-rc.0\u003c/a\u003e (Oct 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.0-rc.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-326 migrate from commonJS to ESM\u003c/li\u003e\n\u003cli\u003eCONJS-325\tdeno compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-328 Fix minimumIdle option to maintain baseline idle connections\u003c/li\u003e\n\u003cli\u003eCONJS-330 caching_sha2_password: avoid requiring RSA key pair when connecting via Unix socket\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/blob/main/CHANGELOG.md\"\u003emariadb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.2\"\u003e3.5.2\u003c/a\u003e (Mar 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.1...3.5.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-342 Resolved TypeScript compilation errors introduced in mariadb-connector-nodejs v3.5.1\u003c/li\u003e\n\u003cli\u003eCONJS-343 Fixed an issue where batch operations would hang when provided with empty array parameter values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.1\"\u003e3.5.1\u003c/a\u003e (Feb 2026)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.5.0-rc.0...3.5.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-338 Add asyncDispose support for Connection, PoolConnection and Pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/250\"\u003e#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add default type parameter to Prepare interface and fix executeStream generic \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/334\"\u003e#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-339 Add wildcard for values params on Prepare\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-331 Plugin authentication change correction\u003c/li\u003e\n\u003cli\u003eCONJS-335 Deno compatibility: send COM_QUIT synchronously to prevent socket cleanup race condition\u003c/li\u003e\n\u003cli\u003eCONJS-336 Connection attribute _server_host send host, but IP resulting of name resolution\u003c/li\u003e\n\u003cli\u003eCONJS-340 Fix pool connection event to emit wrapped connections and prevent user errors from breaking pool \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/342\"\u003e#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCONJS-341 Support charset + collation combination in connection options \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/337\"\u003e#337\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/tree/3.5.0-rc.0\"\u003e3.5.0-rc.0\u003c/a\u003e (Oct 2025)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.0-rc.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-326 migrate from commonJS to ESM\u003c/li\u003e\n\u003cli\u003eCONJS-325\tdeno compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eIssues Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCONJS-328 Fix minimumIdle option to maintain baseline idle connections\u003c/li\u003e\n\u003cli\u003eCONJS-330 caching_sha2_password: avoid requiring RSA key pair when connecting via Unix socket\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/ca989158d2fcebe55317b09b3cf6333549df0d77\"\u003e\u003ccode\u003eca98915\u003c/code\u003e\u003c/a\u003e bump 3.5.2 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e721d70015c6dbe01acfc59d75ae873e96faff34\"\u003e\u003ccode\u003ee721d70\u003c/code\u003e\u003c/a\u003e [misc] code style correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/87ca82e42cc4e91520c71d51726540a006c4c48f\"\u003e\u003ccode\u003e87ca82e\u003c/code\u003e\u003c/a\u003e [CONJS-343] batch hangs when having an empty parameters values \u003ca href=\"https://redirect.github.com/mariadb-corporation/mariadb-connector-nodejs/issues/343\"\u003e#343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e0548495f3a2ce8588676a89b1e9cd53bf296d7a\"\u003e\u003ccode\u003ee054849\u003c/code\u003e\u003c/a\u003e [CONJS-342] Move TypeScript type dependencies from peer to regular dependenci...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/be72ebf9fee6e0bd153b6ff6e0bb252f794dbf0e\"\u003e\u003ccode\u003ebe72ebf\u003c/code\u003e\u003c/a\u003e [perf] Optimize buffer copy in readBufferLengthEncodedCopy with subarray\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/dbd547268a5b06bed5a8294409a57255d166b3c4\"\u003e\u003ccode\u003edbd5472\u003c/code\u003e\u003c/a\u003e [CONJS-333] Optimize column type checking with buffer comparisons and pre-com...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/e71f8496803d342723dd6ee6c206ddb9616d5473\"\u003e\u003ccode\u003ee71f849\u003c/code\u003e\u003c/a\u003e [misc] Release version 3.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/82b639c2b93c4b7640080832fa7b96b267a8c3a0\"\u003e\u003ccode\u003e82b639c\u003c/code\u003e\u003c/a\u003e [misc] bump dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/a5ba9020a2f69911cb718063045fddbd5241d18f\"\u003e\u003ccode\u003ea5ba902\u003c/code\u003e\u003c/a\u003e [perf] Optimize execute command with bitwise operations and constant reuse\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/commit/65b950882f03b3c1ce015a5047905c5cf65347eb\"\u003e\u003ccode\u003e65b9508\u003c/code\u003e\u003c/a\u003e [perf] Optimize parameter type checking and remove unused pipe property\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mariadb-corporation/mariadb-connector-nodejs/compare/3.4.5...3.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpd...\n\n_Description has been truncated_","html_url":"https://github.com/DataDog/dd-trace-js/pull/8737","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2Fdd-trace-js/issues/8737","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8737/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-05-26T21:50:24.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4527742235","node_id":"PR_kwDOMywM787flofU","number":26,"state":"closed","title":"deps: bump ejs from 5.0.2 to 6.0.1","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T21:52:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-26T21:50:24.000Z","updated_at":"2026-05-26T21:52:37.000Z","time_to_close":125,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps","packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 5.0.2 to 6.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=5.0.2\u0026new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/learn-shyam/simple-nodejs-app/pull/26","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/learn-shyam%2Fsimple-nodejs-app/issues/26","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/26/packages"}},{"old_version":"5.0.2","new_version":"6.0.1","update_type":"major","path":null,"pr_created_at":"2026-05-26T12:33:54.000Z","version_change":"5.0.2 → 6.0.1","issue":{"uuid":"4524129488","node_id":"PR_kwDORmUFUs7fZ2_S","number":160,"state":"open","title":"build(deps): bump ejs from 5.0.2 to 6.0.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T12:33:54.000Z","updated_at":"2026-05-26T12:34:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"ejs","old_version":"5.0.2","new_version":"6.0.1","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 5.0.2 to 6.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 6.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2c41365ca042a70978e5795adc05fbb8b35fb013\"\u003e\u003ccode\u003e2c41365\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/409fec90771fc6c22ace2a740e8edefeac118188\"\u003e\u003ccode\u003e409fec9\u003c/code\u003e\u003c/a\u003e Moved missed shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7097026acbf9d53c3bf9ecd6b3d0e268b8314036\"\u003e\u003ccode\u003e7097026\u003c/code\u003e\u003c/a\u003e Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f78de727a25e1b63fa26e0beff9dd4bd1e35498c\"\u003e\u003ccode\u003ef78de72\u003c/code\u003e\u003c/a\u003e Updated README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dc84d04de26ba07a7edb65c3489f80644aaa4312\"\u003e\u003ccode\u003edc84d04\u003c/code\u003e\u003c/a\u003e Major version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/82e73e58228af29ac29ed4b69cb121c609083fe4\"\u003e\u003ccode\u003e82e73e5\u003c/code\u003e\u003c/a\u003e Proto poisoning hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/34c68a16ccb466635170ef81a8ce2862b248ebe2\"\u003e\u003ccode\u003e34c68a1\u003c/code\u003e\u003c/a\u003e Ecosystem smoke tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/8d1af6c1a439ec2675cf2cc20bbfad8a09190a6b\"\u003e\u003ccode\u003e8d1af6c\u003c/code\u003e\u003c/a\u003e Linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/c62fe52896017c3c1c0a9b0167e5a71facefb7c5\"\u003e\u003ccode\u003ec62fe52\u003c/code\u003e\u003c/a\u003e Move shim\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/dff76b5761aec797ff3958efe0d5ac03da11bd67\"\u003e\u003ccode\u003edff76b5\u003c/code\u003e\u003c/a\u003e Packaging improvements\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mde/ejs/compare/v5.0.2...v6.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=5.0.2\u0026new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Battle-Cattle/BCUK-Bot-4/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Battle-Cattle%2FBCUK-Bot-4/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"}},{"old_version":"3.1.6","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-26T09:10:49.000Z","version_change":"3.1.6 → 3.1.10","issue":{"uuid":"4522954470","node_id":"PR_kwDOGxPQGc7fWCwC","number":6,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T09:10:49.000Z","updated_at":"2026-05-26T09:17:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"swiper","old_version":"8.0.2","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"postcss","old_version":"8.4.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.9.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.2","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.2.1","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.66.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.68.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.4.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.6","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `8.0.2` | `12.1.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.6` | `8.5.10` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.9.0` | `8.20.0` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.2` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.2.1` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.66.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.68.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.4.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.6` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `swiper` from 8.0.2 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.3...v12.1.4\"\u003e12.1.4\u003c/a\u003e (2026-04-29)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove redundant aria-disabled=false from swiper nav button (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8176\"\u003e#8176\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/673092978a54ee3aff82633dd50880011a2a362f\"\u003e6730929\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add TS declarations for CSS files (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/ea3081b8c5863b297a240a0698804121c9e6c118\"\u003eea3081b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8055\"\u003e#8055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereact:\u003c/strong\u003e expose isFullyVisible in SwiperSlide render props (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8175\"\u003e#8175\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/3af0002acfc18a5ec450b3a2354d6187a64797e8\"\u003e3af0002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v8.0.2...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.9.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in...\n\n_Description has been truncated_","html_url":"https://github.com/muhammadali1995/muck-23/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/muhammadali1995%2Fmuck-23/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"3.1.10","new_version":"5.0.2","update_type":"major","path":null,"pr_created_at":"2026-05-25T13:12:03.000Z","version_change":"3.1.10 → 5.0.2","issue":{"uuid":"4517152658","node_id":"PR_kwDOSLqBrM7fDQFs","number":149,"state":"open","title":"build(deps): bump the bsv-workspace group across 1 directory with 59 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T13:12:03.000Z","updated_at":"2026-05-26T19:15:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bsv-workspace","update_count":59,"packages":[{"name":"@eslint/js","old_version":"9.39.4","new_version":"10.0.1","repository_url":"https://github.com/eslint/eslint"},{"name":"@jest/globals","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"@rspack/cli","old_version":"2.0.0","new_version":"2.0.4","repository_url":"https://github.com/web-infra-dev/rspack"},{"name":"@rspack/core","old_version":"1.7.11","new_version":"2.0.4","repository_url":"https://github.com/web-infra-dev/rspack"},{"name":"@types/node","old_version":"20.19.39","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"9.39.4","new_version":"10.4.0","repository_url":"https://github.com/eslint/eslint"},{"name":"globals","old_version":"15.15.0","new_version":"17.6.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"jest","old_version":"30.3.0","new_version":"30.4.2","repository_url":"https://github.com/jestjs/jest"},{"name":"jest-environment-jsdom","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"ts-jest","old_version":"29.4.9","new_version":"29.4.11","repository_url":"https://github.com/kulshekhar/ts-jest"},{"name":"typescript","old_version":"5.1.6","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"typescript-eslint","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"webpack","old_version":"5.106.2","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-cli","old_version":"5.1.4","new_version":"7.0.2","repository_url":"https://github.com/webpack/webpack-cli"},{"name":"chalk","old_version":"4.1.2","new_version":"5.6.2","repository_url":"https://github.com/chalk/chalk"},{"name":"dotenv","old_version":"16.6.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"@types/supertest","old_version":"6.0.3","new_version":"7.2.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.59.0","new_version":"8.60.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ejs","old_version":"3.1.10","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"},{"name":"webpack-bundle-analyzer","old_version":"4.10.2","new_version":"5.3.0","repository_url":"https://github.com/webpack/webpack-bundle-analyzer"},{"name":"webpack-dev-server","old_version":"5.2.3","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"express","old_version":"4.22.1","new_version":"5.2.1","repository_url":"https://github.com/expressjs/express"},{"name":"joi","old_version":"18.1.2","new_version":"18.2.1","repository_url":"https://github.com/hapijs/joi"},{"name":"vitest","old_version":"4.1.5","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@types/mime-types","old_version":"2.1.4","new_version":"3.0.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@chainsafe/libp2p-noise","old_version":"16.1.5","new_version":"17.0.0","repository_url":"https://github.com/ChainSafe/js-libp2p-noise"},{"name":"@chainsafe/libp2p-yamux","old_version":"7.0.4","new_version":"8.0.1","repository_url":"https://github.com/ChainSafe/js-libp2p-yamux"},{"name":"@libp2p/bootstrap","old_version":"11.0.47","new_version":"12.0.22","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/crypto","old_version":"5.1.17","new_version":"5.1.18","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/identify","old_version":"3.0.39","new_version":"4.1.6","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/kad-dht","old_version":"15.1.11","new_version":"16.3.0","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/peer-id","old_version":"5.1.9","new_version":"6.0.9","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/ping","old_version":"2.0.37","new_version":"3.1.5","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/pnet","old_version":"2.0.47","new_version":"3.0.21","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@libp2p/pubsub-peer-discovery","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/libp2p/js-libp2p-pubsub-peer-discovery"},{"name":"@libp2p/tcp","old_version":"10.1.19","new_version":"11.0.20","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"@multiformats/multiaddr","old_version":"12.5.1","new_version":"13.0.3","repository_url":"https://github.com/multiformats/js-multiaddr"},{"name":"libp2p","old_version":"2.10.0","new_version":"3.3.1","repository_url":"https://github.com/libp2p/js-libp2p"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.3","repository_url":"https://github.com/privatenumber/tsx"},{"name":"mongodb-memory-server","old_version":"9.5.0","new_version":"11.1.0","repository_url":"https://github.com/typegoose/mongodb-memory-server"},{"name":"knex","old_version":"3.2.9","new_version":"3.2.10","repository_url":"https://github.com/knex/knex"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"react","old_version":"18.3.1","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"18.3.28","new_version":"19.2.15","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"18.3.1","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@types/react-dom","old_version":"18.3.1","new_version":"19.2.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"better-sqlite3","old_version":"12.9.0","new_version":"12.10.0","repository_url":"https://github.com/WiseLibs/better-sqlite3"},{"name":"mysql2","old_version":"3.22.2","new_version":"3.22.3","repository_url":"https://github.com/sidorares/node-mysql2"},{"name":"@types/diff","old_version":"6.0.0","new_version":"8.0.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"fs-extra","old_version":"11.3.4","new_version":"11.3.5","repository_url":"https://github.com/jprichardson/node-fs-extra"},{"name":"jest-diff","old_version":"30.3.0","new_version":"30.4.1","repository_url":"https://github.com/jestjs/jest"},{"name":"sqlite3","old_version":"5.1.7","new_version":"6.0.1","repository_url":"https://github.com/TryGhost/node-sqlite3"},{"name":"react-router-dom","old_version":"6.30.3","new_version":"7.15.1","repository_url":"https://github.com/remix-run/react-router"},{"name":"@shikijs/rehype","old_version":"1.29.2","new_version":"4.1.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"@vitejs/plugin-react","old_version":"4.7.0","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"},{"name":"mermaid","old_version":"11.14.0","new_version":"11.15.0","repository_url":"https://github.com/mermaid-js/mermaid"},{"name":"vite","old_version":"6.4.2","new_version":"8.0.14","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the bsv-workspace group with 59 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.4` | `10.0.1` |\n| [@jest/globals](https://github.com/jestjs/jest/tree/HEAD/packages/jest-globals) | `30.3.0` | `30.4.1` |\n| [@rspack/cli](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli) | `2.0.0` | `2.0.4` |\n| [@rspack/core](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack) | `1.7.11` | `2.0.4` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.19.39` | `25.9.1` |\n| [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.4.0` |\n| [globals](https://github.com/sindresorhus/globals) | `15.15.0` | `17.6.0` |\n| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.3.0` | `30.4.2` |\n| [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `30.3.0` | `30.4.1` |\n| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.9` | `29.4.11` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.1.6` | `6.0.3` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.60.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.106.2` | `5.107.2` |\n| [webpack-cli](https://github.com/webpack/webpack-cli) | `5.1.4` | `7.0.2` |\n| [chalk](https://github.com/chalk/chalk) | `4.1.2` | `5.6.2` |\n| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |\n| [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest) | `6.0.3` | `7.2.0` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.59.0` | `8.60.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.59.0` | `8.60.0` |\n| [ejs](https://github.com/mde/ejs) | `3.1.10` | `5.0.2` |\n| [webpack-bundle-analyzer](https://github.com/webpack/webpack-bundle-analyzer) | `4.10.2` | `5.3.0` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.3` | `5.2.4` |\n| [express](https://github.com/expressjs/express) | `4.22.1` | `5.2.1` |\n| [joi](https://github.com/hapijs/joi) | `18.1.2` | `18.2.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.5` | `4.1.7` |\n| [@types/mime-types](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mime-types) | `2.1.4` | `3.0.1` |\n| [@chainsafe/libp2p-noise](https://github.com/ChainSafe/js-libp2p-noise) | `16.1.5` | `17.0.0` |\n| [@chainsafe/libp2p-yamux](https://github.com/ChainSafe/js-libp2p-yamux) | `7.0.4` | `8.0.1` |\n| [@libp2p/bootstrap](https://github.com/libp2p/js-libp2p) | `11.0.47` | `12.0.22` |\n| [@libp2p/crypto](https://github.com/libp2p/js-libp2p) | `5.1.17` | `5.1.18` |\n| [@libp2p/identify](https://github.com/libp2p/js-libp2p) | `3.0.39` | `4.1.6` |\n| [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p) | `15.1.11` | `16.3.0` |\n| [@libp2p/peer-id](https://github.com/libp2p/js-libp2p) | `5.1.9` | `6.0.9` |\n| [@libp2p/ping](https://github.com/libp2p/js-libp2p) | `2.0.37` | `3.1.5` |\n| [@libp2p/pnet](https://github.com/libp2p/js-libp2p) | `2.0.47` | `3.0.21` |\n| [@libp2p/pubsub-peer-discovery](https://github.com/libp2p/js-libp2p-pubsub-peer-discovery) | `11.0.2` | `12.0.0` |\n| [@libp2p/tcp](https://github.com/libp2p/js-libp2p) | `10.1.19` | `11.0.20` |\n| [@multiformats/multiaddr](https://github.com/multiformats/js-multiaddr) | `12.5.1` | `13.0.3` |\n| [libp2p](https://github.com/libp2p/js-libp2p) | `2.10.0` | `3.3.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` |\n| [mongodb-memory-server](https://github.com/typegoose/mongodb-memory-server/tree/HEAD/packages/mongodb-memory-server) | `9.5.0` | `11.1.0` |\n| [knex](https://github.com/knex/knex) | `3.2.9` | `3.2.10` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.6` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `18.3.28` | `19.2.15` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.6` |\n| [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `18.3.1` | `19.2.3` |\n| [ws](https://github.com/websockets/ws) | `8.20.0` | `8.21.0` |\n| [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) | `12.9.0` | `12.10.0` |\n| [mysql2](https://github.com/sidorares/node-mysql2) | `3.22.2` | `3.22.3` |\n| [@types/diff](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/diff) | `6.0.0` | `8.0.0` |\n| [fs-extra](https://github.com/jprichardson/node-fs-extra) | `11.3.4` | `11.3.5` |\n| [jest-diff](https://github.com/jestjs/jest/tree/HEAD/packages/jest-diff) | `30.3.0` | `30.4.1` |\n| [sqlite3](https://github.com/TryGhost/node-sqlite3) | `5.1.7` | `6.0.1` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.30.3` | `7.15.1` |\n| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `1.29.2` | `4.1.0` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `4.7.0` | `6.0.2` |\n| [mermaid](https://github.com/mermaid-js/mermaid) | `11.14.0` | `11.15.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `8.0.14` |\n\n\nUpdates `@eslint/js` from 9.39.4 to 10.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003e@​eslint/js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c87d5bded54c5cf491eb04c24c9d09bbbd42c23e\"\u003e\u003ccode\u003ec87d5bd\u003c/code\u003e\u003c/a\u003e fix: update eslint (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20531\"\u003e#20531\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84100115c14691691058f00779c94e74fca946a\"\u003e\u003ccode\u003ed841001\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eminimatch\u003c/code\u003e to \u003ccode\u003e10.2.1\u003c/code\u003e to address security vulnerabilities (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20519\"\u003e#20519\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/04c21475b3004904948f02049f2888b401d82c78\"\u003e\u003ccode\u003e04c2147\u003c/code\u003e\u003c/a\u003e fix: update error message for unused suppressions (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20496\"\u003e#20496\u003c/a\u003e) (fnx)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/38b089c1726feac0e31a31d47941bd99e29ce003\"\u003e\u003ccode\u003e38b089c\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-array\u003c/code\u003e to ^0.23.1 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20484\"\u003e#20484\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5b3dbce50a1404a9f118afe810cefeee79388a2a\"\u003e\u003ccode\u003e5b3dbce\u003c/code\u003e\u003c/a\u003e docs: add AI acknowledgement section to templates (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20431\"\u003e#20431\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6f23076037d5879f20fb3be2ef094293b1e8d38c\"\u003e\u003ccode\u003e6f23076\u003c/code\u003e\u003c/a\u003e docs: toggle nav in no-JS mode (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20476\"\u003e#20476\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b69cfb32a16c5d5e9986390d484fae1d21e406f9\"\u003e\u003ccode\u003eb69cfb3\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e5c281ffd038a3a7a3e5364db0b9378e0ad83020\"\u003e\u003ccode\u003ee5c281f\u003c/code\u003e\u003c/a\u003e chore: updates for v9.39.3 release (Jenkins)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8c3832adb77cd993b4a24891900d5eeaaf093cdc\"\u003e\u003ccode\u003e8c3832a\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to ^8.56.0 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20514\"\u003e#20514\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8330d238ae6adb68bb6a1c9381e38cfedd990d94\"\u003e\u003ccode\u003e8330d23\u003c/code\u003e\u003c/a\u003e test: add tests for config-api (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20493\"\u003e#20493\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/37d6e91e88fa6a2ca6d8726679096acff21ba6cc\"\u003e\u003ccode\u003e37d6e91\u003c/code\u003e\u003c/a\u003e chore: remove eslint v10 prereleases from eslint-config-eslint deps (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20494\"\u003e#20494\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/da7cd0e79197ad16e17052eef99df141de6dbfb1\"\u003e\u003ccode\u003eda7cd0e\u003c/code\u003e\u003c/a\u003e refactor: cleanup error message templates (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20479\"\u003e#20479\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/84fb885d49ac810e79a9491276b4828b53d913e5\"\u003e\u003ccode\u003e84fb885\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release (Jenkins)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1f667344b57c4c09b548d94bcfac1f91b6e5c63d\"\u003e\u003ccode\u003e1f66734\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003eeslint\u003c/code\u003e to \u003ccode\u003epeerDependencies\u003c/code\u003e of \u003ccode\u003e@eslint/js\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20467\"\u003e#20467\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.0\u003c/h2\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9e54f43a5e497cdfa179338b431093245cb787b\"\u003e\u003ccode\u003ef9e54f4\u003c/code\u003e\u003c/a\u003e feat!: estimate rule-tester failure location (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20420\"\u003e#20420\u003c/a\u003e) (ST-DDT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a176319d8ade1a7d9b2d7fb8f038f55a2662325f\"\u003e\u003ccode\u003ea176319\u003c/code\u003e\u003c/a\u003e feat!: replace \u003ccode\u003echalk\u003c/code\u003e with \u003ccode\u003estyleText\u003c/code\u003e and add \u003ccode\u003ecolor\u003c/code\u003e to \u003ccode\u003eResultsMeta\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20227\"\u003e#20227\u003c/a\u003e) (루밀LuMir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c7046e6c1e03c4ca0eee4888a1f2eba4c6454f84\"\u003e\u003ccode\u003ec7046e6\u003c/code\u003e\u003c/a\u003e feat!: enable JSX reference tracking (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20152\"\u003e#20152\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fa31a608901684fbcd9906d1907e66561d16e5aa\"\u003e\u003ccode\u003efa31a60\u003c/code\u003e\u003c/a\u003e feat!: add \u003ccode\u003ename\u003c/code\u003e to configs (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20015\"\u003e#20015\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3383e7ec9028166cafc8ea7986c2f7498d0049f0\"\u003e\u003ccode\u003e3383e7e\u003c/code\u003e\u003c/a\u003e fix!: remove deprecated \u003ccode\u003eSourceCode\u003c/code\u003e methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20137\"\u003e#20137\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/501abd0e916a35554c58b7c0365537f1fa3880ce\"\u003e\u003ccode\u003e501abd0\u003c/code\u003e\u003c/a\u003e feat!: update dependency minimatch to v10 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20246\"\u003e#20246\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca4d3b40085de47561f89656a2207d09946ed45e\"\u003e\u003ccode\u003eca4d3b4\u003c/code\u003e\u003c/a\u003e fix!: stricter rule tester assertions for valid test cases (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20125\"\u003e#20125\u003c/a\u003e) (唯然)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/96512a66c86402fb0538cdcb6cd30b9073f6bf3b\"\u003e\u003ccode\u003e96512a6\u003c/code\u003e\u003c/a\u003e fix!: Remove deprecated rule context methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20086\"\u003e#20086\u003c/a\u003e) (Nicholas C. Zakas)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c69fdacdb2e886b9d965568a397aa8220db3fe90\"\u003e\u003ccode\u003ec69fdac\u003c/code\u003e\u003c/a\u003e feat!: remove eslintrc support (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20037\"\u003e#20037\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/208b5cc34a8374ff81412b5bec2e0800eebfbd04\"\u003e\u003ccode\u003e208b5cc\u003c/code\u003e\u003c/a\u003e feat!: Use \u003ccode\u003eScopeManager#addGlobals()\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20132\"\u003e#20132\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a2ee188ea7a38a0c6155f3d39e2b00e1d0f36e14\"\u003e\u003ccode\u003ea2ee188\u003c/code\u003e\u003c/a\u003e fix!: add \u003ccode\u003euniqueItems: true\u003c/code\u003e in \u003ccode\u003eno-invalid-regexp\u003c/code\u003e option (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20155\"\u003e#20155\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a89059dbf2832d417dd493ee81483227ec44e4ab\"\u003e\u003ccode\u003ea89059d\u003c/code\u003e\u003c/a\u003e feat!: Program range span entire source text (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20133\"\u003e#20133\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/39a6424373d915fa9de0d7b0caba9a4dc3da9b53\"\u003e\u003ccode\u003e39a6424\u003c/code\u003e\u003c/a\u003e fix!: assert 'text' is a string across all RuleFixer methods (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20082\"\u003e#20082\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f28fbf846244e043c92b355b224d121b06140b44\"\u003e\u003ccode\u003ef28fbf8\u003c/code\u003e\u003c/a\u003e fix!: Deprecate \u003ccode\u003e\u0026quot;always\u0026quot;\u003c/code\u003e and \u003ccode\u003e\u0026quot;as-needed\u0026quot;\u003c/code\u003e options of the \u003ccode\u003eradix\u003c/code\u003e rule (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20223\"\u003e#20223\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/aa3fb2b233e929b37220be940575f42c280e0b98\"\u003e\u003ccode\u003eaa3fb2b\u003c/code\u003e\u003c/a\u003e fix!: tighten \u003ccode\u003efunc-names\u003c/code\u003e schema (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20119\"\u003e#20119\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f6c0ed0311dcfee853367d5068c765d066e6b756\"\u003e\u003ccode\u003ef6c0ed0\u003c/code\u003e\u003c/a\u003e feat!: report \u003ccode\u003eeslint-env\u003c/code\u003e comments as errors (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20128\"\u003e#20128\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4bf739fb533e59f7f0a66b65f7bc80be0f37d8db\"\u003e\u003ccode\u003e4bf739f\u003c/code\u003e\u003c/a\u003e fix!: remove deprecated \u003ccode\u003eLintMessage#nodeType\u003c/code\u003e and \u003ccode\u003eTestCaseError#type\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20096\"\u003e#20096\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/523c076866400670fb2192a3f55dbf7ad3469247\"\u003e\u003ccode\u003e523c076\u003c/code\u003e\u003c/a\u003e feat!: drop support for jiti \u0026lt; 2.2.0 (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20016\"\u003e#20016\u003c/a\u003e) (michael faith)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/454a292c95f34dad232411ddac06408e6383bb64\"\u003e\u003ccode\u003e454a292\u003c/code\u003e\u003c/a\u003e feat!: update \u003ccode\u003eeslint:recommended\u003c/code\u003e configuration (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20210\"\u003e#20210\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4f880ee02992e1bf0e96ebaba679985e2d1295f1\"\u003e\u003ccode\u003e4f880ee\u003c/code\u003e\u003c/a\u003e feat!: remove \u003ccode\u003ev10_*\u003c/code\u003e and inactive \u003ccode\u003eunstable_*\u003c/code\u003e flags (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20225\"\u003e#20225\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f18115c363a4ac7671a4c7f30ee13d57ebba330f\"\u003e\u003ccode\u003ef18115c\u003c/code\u003e\u003c/a\u003e feat!: \u003ccode\u003eno-shadow-restricted-names\u003c/code\u003e report \u003ccode\u003eglobalThis\u003c/code\u003e by default (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20027\"\u003e#20027\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c6358c31fbd3937b92d89be2618ffdf5a774604e\"\u003e\u003ccode\u003ec6358c3\u003c/code\u003e\u003c/a\u003e feat!: Require Node.js \u003ccode\u003e^20.19.0 || ^22.13.0 || \u0026gt;=24\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20160\"\u003e#20160\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bff9091927811497dbf066b0e3b85ecb37d43822\"\u003e\u003ccode\u003ebff9091\u003c/code\u003e\u003c/a\u003e feat: handle \u003ccode\u003eArray.fromAsync\u003c/code\u003e in \u003ccode\u003earray-callback-return\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20457\"\u003e#20457\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/290c594bb50c439fb71bc75521ee5360daa8c222\"\u003e\u003ccode\u003e290c594\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eself\u003c/code\u003e to \u003ccode\u003eno-implied-eval\u003c/code\u003e rule (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20468\"\u003e#20468\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43677de07ebd6e14bfac40a46ad749ba783c45f2\"\u003e\u003ccode\u003e43677de\u003c/code\u003e\u003c/a\u003e feat: fix handling of function and class expression names in \u003ccode\u003eno-shadow\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20432\"\u003e#20432\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/84fb885d49ac810e79a9491276b4828b53d913e5\"\u003e\u003ccode\u003e84fb885\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1f667344b57c4c09b548d94bcfac1f91b6e5c63d\"\u003e\u003ccode\u003e1f66734\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003eeslint\u003c/code\u003e to \u003ccode\u003epeerDependencies\u003c/code\u003e of \u003ccode\u003e@eslint/js\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20467\"\u003e#20467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f3fbc2f60cbe2c718364feb8c3fc0452c0df3c56\"\u003e\u003ccode\u003ef3fbc2f\u003c/code\u003e\u003c/a\u003e chore: set \u003ccode\u003e@eslint/js\u003c/code\u003e version to 10.0.0 to skip releasing it (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20466\"\u003e#20466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b4b3127f8542c599ce2dea804b6582ebc40c993d\"\u003e\u003ccode\u003eb4b3127\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0b14059491d830a49b3577931f4f68fbcfce6be5\"\u003e\u003ccode\u003e0b14059\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fa31a608901684fbcd9906d1907e66561d16e5aa\"\u003e\u003ccode\u003efa31a60\u003c/code\u003e\u003c/a\u003e feat!: add \u003ccode\u003ename\u003c/code\u003e to configs (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20015\"\u003e#20015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1e2cad5f6fa47ed6ed89d2a29798dda926d50990\"\u003e\u003ccode\u003e1e2cad5\u003c/code\u003e\u003c/a\u003e chore: package.json update for \u003ccode\u003e@​eslint/js\u003c/code\u003e release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/454a292c95f34dad232411ddac06408e6383bb64\"\u003e\u003ccode\u003e454a292\u003c/code\u003e\u003c/a\u003e feat!: update \u003ccode\u003eeslint:recommended\u003c/code\u003e configuration (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20210\"\u003e#20210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c6358c31fbd3937b92d89be2618ffdf5a774604e\"\u003e\u003ccode\u003ec6358c3\u003c/code\u003e\u003c/a\u003e feat!: Require Node.js \u003ccode\u003e^20.19.0 || ^22.13.0 || \u0026gt;=24\u003c/code\u003e (\u003ca href=\"https://github.com/eslint/eslint/tree/HEAD/packages/js/issues/20160\"\u003e#20160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint/eslint/commits/v10.0.1/packages/js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@jest/globals` from 30.3.0 to 30.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/releases\"\u003e@​jest/globals's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev30.4.1\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.0\u003c/h2\u003e\n\u003cp\u003eBig release! 😀\u003c/p\u003e\n\u003cp\u003eMain feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work \u003ccode\u003erequire(esm)\u003c/code\u003e module is now supported on Node 24.9+ (still requires \u003ccode\u003e--experimental-vm-modules\u003c/code\u003e like before).\u003c/p\u003e\n\u003cp\u003eIn addition we now support fake timers for the recently released \u003ccode\u003eTemporal\u003c/code\u003e API in Node v26.\u003c/p\u003e\n\u003cp\u003eReact 19 is also supported properly in \u003ccode\u003epretty-format\u003c/code\u003e, meaning snapshots of React components now work like they should.\u003c/p\u003e\n\u003cp\u003eDue to all the changes, there might be regressions that snuck in. Please report them!\u003c/p\u003e\n\u003cp\u003eFull list of changes below\u003c/p\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a user-configured resolver only exports an \u003ccode\u003easync\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16064\"\u003e#16064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Use synchronous \u003ccode\u003eevaluate()\u003c/code\u003e for ES modules without top-level \u003ccode\u003eawait\u003c/code\u003e on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Support \u003ccode\u003erequire()\u003c/code\u003e of ES modules on Node v24.9+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16074\"\u003e#16074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Validate TC39 import attributes (\u003ccode\u003ewith { type: 'json' }\u003c/code\u003e) on ESM imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16127\"\u003e#16127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/transform]\u003c/code\u003e Add \u003ccode\u003ecanTransformSync(filename)\u003c/code\u003e on \u003ccode\u003eScriptTransformer\u003c/code\u003e so callers can pick the sync vs async transform path (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-util]\u003c/code\u003e Add \u003ccode\u003eisError\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16076\"\u003e#16076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[pretty-format]\u003c/code\u003e Support React 19 (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16123\"\u003e#16123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[expect-utils]\u003c/code\u003e Fix \u003ccode\u003etoStrictEqual\u003c/code\u003e failing on \u003ccode\u003estructuredClone\u003c/code\u003e results due to cross-realm constructor mismatch (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15959\"\u003e#15959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/expect-utils]\u003c/code\u003e Prevent \u003ccode\u003etoMatchObject\u003c/code\u003e/subset matching from throwing when encountering exotic iterables (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15952\"\u003e#15952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[fake-timers]\u003c/code\u003e Convert \u003ccode\u003eDate\u003c/code\u003e to milliseconds before passing to \u003ccode\u003e@sinonjs/fake-timers\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16029\"\u003e#16029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest]\u003c/code\u003e Export \u003ccode\u003eGlobalConfig\u003c/code\u003e and \u003ccode\u003eProjectConfig\u003c/code\u003e TypeScript types (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/blob/main/CHANGELOG.md\"\u003e@​jest/globals's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e30.4.1\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e30.4.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a user-configured resolver only exports an \u003ccode\u003easync\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16064\"\u003e#16064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Use synchronous \u003ccode\u003eevaluate()\u003c/code\u003e for ES modules without top-level \u003ccode\u003eawait\u003c/code\u003e on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Support \u003ccode\u003erequire()\u003c/code\u003e of ES modules on Node v24.9+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16074\"\u003e#16074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Validate TC39 import attributes (\u003ccode\u003ewith { type: 'json' }\u003c/code\u003e) on ESM imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16127\"\u003e#16127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/transform]\u003c/code\u003e Add \u003ccode\u003ecanTransformSync(filename)\u003c/code\u003e on \u003ccode\u003eScriptTransformer\u003c/code\u003e so callers can pick the sync vs async transform path (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16062\"\u003e#16062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-util]\u003c/code\u003e Add \u003ccode\u003eisError\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16076\"\u003e#16076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[pretty-format]\u003c/code\u003e Support React 19 (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16123\"\u003e#16123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[expect-utils]\u003c/code\u003e Fix \u003ccode\u003etoStrictEqual\u003c/code\u003e failing on \u003ccode\u003estructuredClone\u003c/code\u003e results due to cross-realm constructor mismatch (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15959\"\u003e#15959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/expect-utils]\u003c/code\u003e Prevent \u003ccode\u003etoMatchObject\u003c/code\u003e/subset matching from throwing when encountering exotic iterables (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15952\"\u003e#15952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[fake-timers]\u003c/code\u003e Convert \u003ccode\u003eDate\u003c/code\u003e to milliseconds before passing to \u003ccode\u003e@sinonjs/fake-timers\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16029\"\u003e#16029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest]\u003c/code\u003e Export \u003ccode\u003eGlobalConfig\u003c/code\u003e and \u003ccode\u003eProjectConfig\u003c/code\u003e TypeScript types (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus]\u003c/code\u003e Prevent crash when \u003ccode\u003easyncError\u003c/code\u003e is undefined for non-Error throws (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16003\"\u003e#16003\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-jasmine2]\u003c/code\u003e Include \u003ccode\u003eError.cause\u003c/code\u003e in JSON \u003ccode\u003efailureMessages\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15967\"\u003e#15967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Fix preset path resolution on Windows when the preset uses subpath \u003ccode\u003eexports\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15961\"\u003e#15961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Allow \u003ccode\u003ecollectCoverage\u003c/code\u003e and \u003ccode\u003ecoverageProvider\u003c/code\u003e in project config without a validation warning (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Project config validator now emits \u0026quot;is not supported in an individual project configuration\u0026quot; instead of \u0026quot;probably a typing mistake\u0026quot; for known global-only options (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16132\"\u003e#16132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-environment-node]\u003c/code\u003e Fix \u003ccode\u003e--localstorage-file\u003c/code\u003e warning on Node 25+ (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16086\"\u003e#16086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-reporters]\u003c/code\u003e Apply global coverage threshold to unmatched pattern files in addition to glob/path thresholds (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16137\"\u003e#16137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-reporters, jest-runner, jest-runtime, jest-transform]\u003c/code\u003e Fix coverage report not showing correct code coverage when using \u003ccode\u003eprojects\u003c/code\u003e config option (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16140\"\u003e#16140\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Resolve \u003ccode\u003eexpect\u003c/code\u003e and \u003ccode\u003e@jest/expect\u003c/code\u003e from the internal module registry so test-file imports share the same \u003ccode\u003eJestAssertionError\u003c/code\u003e as the global \u003ccode\u003eexpect\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16130\"\u003e#16130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Improve CJS-from-ESM interop: \u003ccode\u003e__esModule\u003c/code\u003e/Babel default unwrap, broader named-export coverage, and shared CJS singleton across importers (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Load \u003ccode\u003e.js\u003c/code\u003e files with ESM syntax but no \u003ccode\u003e\u0026quot;type\u0026quot;:\u0026quot;module\u0026quot;\u003c/code\u003e marker as native ESM (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Extend the \u003ccode\u003e.js\u003c/code\u003e-with-ESM-syntax fallback to \u003ccode\u003erequire()\u003c/code\u003e on Node v24.9+ - falls back to \u003ccode\u003erequire(esm)\u003c/code\u003e when the CJS parser rejects ESM syntax (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16078\"\u003e#16078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Fix deadlocks and double-evaluation in concurrent ESM and wasm imports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16050\"\u003e#16050\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jestjs/jest/commit/b3b4a09ed3005369dacc7466d1d2122797283785\"\u003e\u003ccode\u003eb3b4a09\u003c/code\u003e\u003c/a\u003e v30.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jestjs/jest/commit/5cbb21e0b3037edb42e503ec1a1ce80efad40c20\"\u003e\u003ccode\u003e5cbb21e\u003c/code\u003e\u003c/a\u003e v30.4.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-globals\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@rspack/cli` from 2.0.0 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-infra-dev/rspack/releases\"\u003e@​rspack/cli's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eHighlights 💡\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eInline const with module declarations\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/14032\"\u003e#14032\u003c/a\u003e): Previously, Rspack only inlined constant exports from leaf modules in the module graph. Now constant exports from any module can be inlined, even when that module also imports or re-exports other modules. In rare circular-reference cases this can make a TDZ error disappear, but we do not expect real projects to rely on TDZ errors, so Rspack prioritizes the optimization.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// constants.js\r\nimport './setup';\r\n\u003cp\u003eexport const ENABLE_EXPERIMENT = false;\u003c/p\u003e\n\u003cp\u003e// entry.js\u003cbr /\u003e\nimport { ENABLE_EXPERIMENT } from './constants';\u003c/p\u003e\n\u003cp\u003eif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Before: constants.js is not a leaf module, so the branch could keep\u003cbr /\u003e\n// reading the imported binding.\u003cbr /\u003e\nif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Now: the constant can still be inlined, so dead branches are easier\u003cbr /\u003e\n// to remove.\u003cbr /\u003e\nif (false) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTree shake namespace default reexport\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/13980\"\u003e#13980\u003c/a\u003e): Previously, the \u003ccode\u003eimport * as a from './a'; export default a;\u003c/code\u003e pattern did not tree-shake \u003ccode\u003ea\u003c/code\u003e through the default export. Now Rspack further analyzes the default-exported namespace object and can remove unused exports from the original namespace module.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// a.js\r\nexport function used() {}\r\nexport function unused() {}\r\n\u003cp\u003e// bridge.js\u003cbr /\u003e\nimport * as a from './a';\u003cbr /\u003e\nexport default a;\u003c/p\u003e\n\u003cp\u003e// app.js\u003cbr /\u003e\nimport a from './bridge';\u003c/p\u003e\n\u003cp\u003ea.used();\u003c/p\u003e\n\u003cp\u003e// Before: both used and unused could be kept in the bundle.\u003cbr /\u003e\n// Now: unused can be tree-shaken.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/744af1e2015af1d84b2152b6029a158b1b8111e9\"\u003e\u003ccode\u003e744af1e\u003c/code\u003e\u003c/a\u003e chore: release v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c9e86b82f160eba29f6301dd8991b9761d5d44d0\"\u003e\u003ccode\u003ec9e86b8\u003c/code\u003e\u003c/a\u003e perf(cli): lazy load json stream helpers (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14079\"\u003e#14079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c0db17f3ac956fca0c0026a793b726d31c881afb\"\u003e\u003ccode\u003ec0db17f\u003c/code\u003e\u003c/a\u003e docs(cli): update cli option descriptions (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14071\"\u003e#14071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/361ecded84485d16477e5f7e15b836af4b1bdc6b\"\u003e\u003ccode\u003e361ecde\u003c/code\u003e\u003c/a\u003e fix(cli): remove process title startup overhead (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14061\"\u003e#14061\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9a2ef243830e910ecea0092a77dad1c83a1f1b3a\"\u003e\u003ccode\u003e9a2ef24\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14055\"\u003e#14055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/3c6700cddb9ace71b1864c45f3421ef427867bad\"\u003e\u003ccode\u003e3c6700c\u003c/code\u003e\u003c/a\u003e fix(cli): write logger trace output to file by default (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14022\"\u003e#14022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/dfcccd6e34f2a0558b90f42d826840bb3d05ce64\"\u003e\u003ccode\u003edfcccd6\u003c/code\u003e\u003c/a\u003e chore: release version 2.0.3 (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/14015\"\u003e#14015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/ed2742a992ca46625fa1a565cda34c9a17e1c516\"\u003e\u003ccode\u003eed2742a\u003c/code\u003e\u003c/a\u003e chore: enable tsgo for dts generation (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13952\"\u003e#13952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/399819617ef19514767979e8d83c1244e6e77b59\"\u003e\u003ccode\u003e3998196\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13959\"\u003e#13959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/45e3a8a7f2c6f623d4b14f49d5ff28dbf6a26799\"\u003e\u003ccode\u003e45e3a8a\u003c/code\u003e\u003c/a\u003e chore: enable Rslint for more packages and fix lint issues (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli/issues/13934\"\u003e#13934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/web-infra-dev/rspack/commits/v2.0.4/packages/rspack-cli\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@rspack/core` from 1.7.11 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/web-infra-dev/rspack/releases\"\u003e@​rspack/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch2\u003eHighlights 💡\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eInline const with module declarations\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/14032\"\u003e#14032\u003c/a\u003e): Previously, Rspack only inlined constant exports from leaf modules in the module graph. Now constant exports from any module can be inlined, even when that module also imports or re-exports other modules. In rare circular-reference cases this can make a TDZ error disappear, but we do not expect real projects to rely on TDZ errors, so Rspack prioritizes the optimization.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// constants.js\r\nimport './setup';\r\n\u003cp\u003eexport const ENABLE_EXPERIMENT = false;\u003c/p\u003e\n\u003cp\u003e// entry.js\u003cbr /\u003e\nimport { ENABLE_EXPERIMENT } from './constants';\u003c/p\u003e\n\u003cp\u003eif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Before: constants.js is not a leaf module, so the branch could keep\u003cbr /\u003e\n// reading the imported binding.\u003cbr /\u003e\nif (ENABLE_EXPERIMENT) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Now: the constant can still be inlined, so dead branches are easier\u003cbr /\u003e\n// to remove.\u003cbr /\u003e\nif (false) {\u003cbr /\u003e\nrunExperiment();\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTree shake namespace default reexport\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/web-infra-dev/rspack/pull/13980\"\u003e#13980\u003c/a\u003e): Previously, the \u003ccode\u003eimport * as a from './a'; export default a;\u003c/code\u003e pattern did not tree-shake \u003ccode\u003ea\u003c/code\u003e through the default export. Now Rspack further analyzes the default-exported namespace object and can remove unused exports from the original namespace module.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// a.js\r\nexport function used() {}\r\nexport function unused() {}\r\n\u003cp\u003e// bridge.js\u003cbr /\u003e\nimport * as a from './a';\u003cbr /\u003e\nexport default a;\u003c/p\u003e\n\u003cp\u003e// app.js\u003cbr /\u003e\nimport a from './bridge';\u003c/p\u003e\n\u003cp\u003ea.used();\u003c/p\u003e\n\u003cp\u003e// Before: both used and unused could be kept in the bundle.\u003cbr /\u003e\n// Now: unused can be tree-shaken.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/744af1e2015af1d84b2152b6029a158b1b8111e9\"\u003e\u003ccode\u003e744af1e\u003c/code\u003e\u003c/a\u003e chore: release v2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/eb7ba47dc3eb628bb7f05eafe808d04cbba2b16b\"\u003e\u003ccode\u003eeb7ba47\u003c/code\u003e\u003c/a\u003e fix: keep buildHttp imports bundled for node target (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14086\"\u003e#14086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9ceba096132b2f21a6acd2c8432b9ad22a8111cc\"\u003e\u003ccode\u003e9ceba09\u003c/code\u003e\u003c/a\u003e feat: circular modules info plugin (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14031\"\u003e#14031\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/c7353bc21c8b83f296003d2b2e10f709ed6416b2\"\u003e\u003ccode\u003ec7353bc\u003c/code\u003e\u003c/a\u003e feat(css): support CSS module local ident options (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14009\"\u003e#14009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/9a2ef243830e910ecea0092a77dad1c83a1f1b3a\"\u003e\u003ccode\u003e9a2ef24\u003c/code\u003e\u003c/a\u003e chore(deps): update patch npm dependencies (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14055\"\u003e#14055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/f5cdf195870dd7f38c2644899806dbda3a6f5758\"\u003e\u003ccode\u003ef5cdf19\u003c/code\u003e\u003c/a\u003e feat(css): add support for css/global module type (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13988\"\u003e#13988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/3c6700cddb9ace71b1864c45f3421ef427867bad\"\u003e\u003ccode\u003e3c6700c\u003c/code\u003e\u003c/a\u003e fix(cli): write logger trace output to file by default (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14022\"\u003e#14022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/dfcccd6e34f2a0558b90f42d826840bb3d05ce64\"\u003e\u003ccode\u003edfcccd6\u003c/code\u003e\u003c/a\u003e chore: release version 2.0.3 (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/14015\"\u003e#14015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/625d72955333cfccc518e3f41346f630893de2aa\"\u003e\u003ccode\u003e625d729\u003c/code\u003e\u003c/a\u003e feat: support import.meta.rspackRsc (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13840\"\u003e#13840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/web-infra-dev/rspack/commit/eae2abdfc4370bdcffca36463e888705063a49ab\"\u003e\u003ccode\u003eeae2abd\u003c/code\u003e\u003c/a\u003e feat(externals): add modern-module externals type (\u003ca href=\"https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack/issues/13861\"\u003e#13861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/web-infra-dev/rspack/commits/v2.0.4/packages/rspack\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 20.19.39 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 9.39.4 to 10.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1a45ec596af1dd5f880e6874cb8f24dafb6a7ecf\"\u003e\u003ccode\u003e1a45ec5\u003c/code\u003e\u003c/a\u003e feat: check sequence expressions in \u003ccode\u003efor-direction\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20701\"\u003e#20701\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/450040bd89b989b3531824c6be45feb5fe3d936b\"\u003e\u003ccode\u003e450040b\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eincludeIgnoreFile()\u003c/code\u003e to \u003ccode\u003eeslint/config\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20735\"\u003e#20735\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6799431203f2579632d0870f98ba132067f4040c\"\u003e\u003ccode\u003e6799431\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-helpers\u003c/code\u003e to ^0.6.0 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20850\"\u003e#20850\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f078fef5005dceb14fc162aab7c7200e027688dd\"\u003e\u003ccode\u003ef078fef\u003c/code\u003e\u003c/a\u003e fix: handle non-array deprecated rule replacements (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20825\"\u003e#20825\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e) (Pavel)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9cc73875046e3c4b8313644cbb1e99e26b36bd3f\"\u003e\u003ccode\u003e9cc7387\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3d7b5484407403817aa9071a394d336d8ea96eb5\"\u003e\u003ccode\u003e3d7b548\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/191ec3c0a3f94ce0f110df761f0b2b8949011ccb\"\u003e\u003ccode\u003e191ec3c\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6616856f28fa514a30f87b5539fc100d739a94bf\"\u003e\u003ccode\u003e6616856\u003c/code\u003e\u003c/a\u003e chore: upgrade knip to v6 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20875\"\u003e#20875\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d13b084a3ad02f926e9addaa35fc383759ea5554\"\u003e\u003ccode\u003ed13b084\u003c/code\u003e\u003c/a\u003e ci: ensure auto-created PRs run CI (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20860\"\u003e#20860\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e71c7af86dce9acc1d18cb12d2184309f6841594\"\u003e\u003ccode\u003ee71c7af\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20862\"\u003e#20862\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84393dea170f54191fd20c8268b52c81c0ccd99\"\u003e\u003ccode\u003ed84393d\u003c/code\u003e\u003c/a\u003e test: add unit tests for SuppressionsService.applySuppressions() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20863\"\u003e#20863\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/24db8cb8e6f07fba667121777a15b1785486be94\"\u003e\u003ccode\u003e24db8cb\u003c/code\u003e\u003c/a\u003e test: add tests for SuppressionsService.save() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20802\"\u003e#20802\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ef0549cac4a9537e4c3a26b9f3edd4c99476bf6\"\u003e\u003ccode\u003e2ef0549\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20857\"\u003e#20857\u003c/a\u003e) (github-actions[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a4297918d264d229a06cd96051ef9b91c7b86732\"\u003e\u003ccode\u003ea429791\u003c/code\u003e\u003c/a\u003e ci: remove \u003ccode\u003eeslint-webpack-plugin\u003c/code\u003e types integration test (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20668\"\u003e#20668\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9e37386aa7f2ce220b2ef74a6afbac5f6b3527c5\"\u003e\u003ccode\u003e9e37386\u003c/code\u003e\u003c/a\u003e chore: replace \u003ccode\u003erecast\u003c/code\u003e with range approach in code-sample-minimizer (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20682\"\u003e#20682\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0dd1f9ffc9a07704d46e2a4c8d4ccc0d0908b0c0\"\u003e\u003ccode\u003e0dd1f9f\u003c/code\u003e\u003c/a\u003e test: disable warning for \u003ccode\u003evm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20845\"\u003e#20845\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9da3c7bc92d9579f8db19ecb56e718538d09db2b\"\u003e\u003ccode\u003e9da3c7b\u003c/code\u003e\u003c/a\u003e refactor: remove deprecated \u003ccode\u003emeta.language\u003c/code\u003e and migrate \u003ccode\u003emeta.dialects\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20716\"\u003e#20716\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2099ed12a0a74c3d7f0808514362af2499b4fe2b\"\u003e\u003ccode\u003e2099ed1\u003c/code\u003e\u003c/a\u003e refactor: add \u003ccode\u003emeta.defaultOptions\u003c/code\u003e to more rules, enable linting (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20800\"\u003e#20800\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f1dfbc9ca57196de7092e1888cc99427bd6fe06e\"\u003e\u003ccode\u003ef1dfbc9\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20836\"\u003e#20836\u003c/a\u003e) (github-actions[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c75941390c14728806cd4baef4f6072f6de78318\"\u003e\u003ccode\u003ec759413\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20843\"\u003e#20843\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5b817d6fdc9ae2c35b528dc662b2eca8f40f64aa\"\u003e\u003ccode\u003e5b817d6\u003c/code\u003e\u003c/a\u003e test: add unit tests for lib/shared/ast-utils (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20838\"\u003e#20838\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1c13ae3934c198c494e5958fa3a68b33244ff06a\"\u003e\u003ccode\u003e1c13ae3\u003c/code\u003e\u003c/a\u003e test: add unit tests for lib/shared/severity (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20835\"\u003e#20835\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.3.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/379571a975f2b24d88037b9de2e72ec61d004130\"\u003e\u003ccode\u003e379571a\u003c/code\u003e\u003c/a\u003e feat: add suggestions for no-unused-private-class-members (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20773\"\u003e#20773\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b6ae5cf07b9b51802367539cb24b245b61eaa37c\"\u003e\u003ccode\u003eb6ae5cf\u003c/code\u003e\u003c/a\u003e fix: handle unavailable require cache (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20812\"\u003e#20812\u003c/a\u003e) (Simon Podlipsky)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6fb3685bcbe9a6f72fd7dfb9129686b6fb96b0bd\"\u003e\u003ccode\u003e6fb3685\u003c/code\u003e\u003c/a\u003e fix: rule suggestions cause continuation in class body (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20787\"\u003e#20787\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/32cc7ab4ec653ce89da92deb5c40a9f4fc707fe5\"\u003e\u003ccode\u003e32cc7ab\u003c/code\u003e\u003c/a\u003e docs: fix typos in docs and comments (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20809\"\u003e#20809\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7f479376a2fa463d823ab762db6bb37ce8d2ee8f\"\u003e\u003ccode\u003e7f47937\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d32235ec19ceea211fa86452afa383ca05f5c2f9\"\u003e\u003ccode\u003ed32235e\u003c/code\u003e\u003c/a\u003e ci: use pnpm in \u003ccode\u003eeslint-flat-config-utils\u003c/code\u003e type integration test (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20826\"\u003e#20826\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3ffb14ea517de750ed1181579ef844af342e4096\"\u003e\u003ccode\u003e3ffb14e\u003c/code\u003e\u003c/a\u003e chore: clean up typos in comments and JSDoc (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20821\"\u003e#20821\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/452c4010c07dc2e36fe6ec6a8c48298878e86887\"\u003e\u003ccode\u003e452c401\u003c/code\u003e\u003c/a\u003e 10.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b6417e8b55c9525070d6e168b485ce6ff21688ed\"\u003e\u003ccode\u003eb6417e8\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6616856f28fa514a30f87b5539fc100d739a94bf\"\u003e\u003ccode\u003e6616856\u003c/code\u003e\u003c/a\u003e chore: upgrade knip to v6 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20875\"\u003e#20875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d13b084a3ad02f926e9addaa35fc383759ea5554\"\u003e\u003ccode\u003ed13b084\u003c/code\u003e\u003c/a\u003e ci: ensure auto-created PRs run CI (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20860\"\u003e#20860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e71c7af86dce9acc1d18cb12d2184309f6841594\"\u003e\u003ccode\u003ee71c7af\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20862\"\u003e#20862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d84393dea170f54191fd20c8268b52c81c0ccd99\"\u003e\u003ccode\u003ed84393d\u003c/code\u003e\u003c/a\u003e test: add unit tests for SuppressionsService.applySuppressions() (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20863\"\u003e#20863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v9.39.4...v10.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `globals` from 15.15.0 to 17.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/globals/releases\"\u003eglobals's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev17.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-05-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/343\"\u003e#343\u003c/a\u003e)  00a4dd9\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.5.0...v17.6.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.5.0...v17.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-04-12) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/342\"\u003e#342\u003c/a\u003e)  5d84602\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.4.0...v17.5.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.4.0...v17.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-03-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/338\"\u003e#338\u003c/a\u003e)  d43a051\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.3.0...v17.4.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.3.0...v17.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (2026-02-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/336\"\u003e#336\u003c/a\u003e)  295fba9\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ejasmine\u003c/code\u003e: Add \u003ccode\u003ethrowUnless\u003c/code\u003e and \u003ccode\u003ethrowUnlessAsync\u003c/code\u003e globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/335\"\u003e#335\u003c/a\u003e)  97f23a7\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewebpack\u003c/code\u003e and \u003ccode\u003erspack\u003c/code\u003e globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/333\"\u003e#333\u003c/a\u003e)  65cae73\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/globals/compare/v17.0.0...v17.1.0\"\u003ehttps://github.com/sindresorhus/globals/compare/v17.0.0...v17.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev17.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSplit \u003ccode\u003eaudioWorklet\u003c/code\u003e environment from \u003ccode\u003ebrowser\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/320\"\u003e#320\u003c/a\u003e)  7bc293e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/329\"\u003e#329\u003c/a\u003e)  ebe1063\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/6b15870f1c08b60b5b57afe45a703d9ed0be39bc\"\u003e\u003ccode\u003e6b15870\u003c/code\u003e\u003c/a\u003e 17.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/00a4dd9821830a9b044798120e86b1bb1a54648d\"\u003e\u003ccode\u003e00a4dd9\u003c/code\u003e\u003c/a\u003e Update globals (2026-05-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/b8170c8e1d648291b613c5b39a69652c796fa36c\"\u003e\u003ccode\u003eb8170c8\u003c/code\u003e\u003c/a\u003e 17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/5d846029679832931f38ced6381cc95bcb9abd80\"\u003e\u003ccode\u003e5d84602\u003c/code\u003e\u003c/a\u003e Update globals (2026-04-12) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/342\"\u003e#342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/1b727e5f4cc39121b8e77b9f27574a8ca27391fc\"\u003e\u003ccode\u003e1b727e5\u003c/code\u003e\u003c/a\u003e Fix build script for ES globals (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/a9cfd7493fb701474d4dc946283c7b9d63d64134\"\u003e\u003ccode\u003ea9cfd74\u003c/code\u003e\u003c/a\u003e 17.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/d43a051c48fbb8c549bb98a7cf294ba84680a7a1\"\u003e\u003ccode\u003ed43a051\u003c/code\u003e\u003c/a\u003e Update globals (2026-03-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/338\"\u003e#338\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/5edc6020698a76964b0fa17cb604f4484451143b\"\u003e\u003ccode\u003e5edc602\u003c/code\u003e\u003c/a\u003e 17.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/295fba929adf8b44f945688233778a57ff754368\"\u003e\u003ccode\u003e295fba9\u003c/code\u003e\u003c/a\u003e Update globals (2026-02-01) (\u003ca href=\"https://redirect.github.com/sindresorhus/globals/issues/336\"\u003e#336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/globals/commit/8176ac7290e6eb0be1403b80a4184651c4cd95f6\"\u003e\u003ccode\u003e8176ac7\u003c/code\u003e\u003c/a\u003e 17.2.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/globals/compare/v15.15.0...v17.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jest` from 30.3.0 to 30.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jestjs/jest/releases\"\u003ejest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev30.4.2\u003c/h2\u003e\n\u003ch1\u003eFixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Fix named imports from CJS modules whose \u003ccode\u003emodule.exports\u003c/code\u003e is a function with own-property exports (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16150\"\u003e#16150\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.1...v30.4.2\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.1...v30.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.1\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-runner, jest-schemas, jest-types]\u003c/code\u003e Allow custom runner configuration options via tuple format \u003ccode\u003e['runner-path', {options}]\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16141\"\u003e#16141\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[jest-runtime]\u003c/code\u003e Align CJS-from-ESM default export with Node: \u003ccode\u003emodule.exports\u003c/code\u003e is always the ESM default, \u003ccode\u003e__esModule\u003c/code\u003e unwrapping is no longer applied (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16143\"\u003e#16143\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\"\u003ehttps://github.com/jestjs/jest/compare/v30.4.0...v30.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev30.4.0\u003c/h2\u003e\n\u003cp\u003eBig release! 😀\u003c/p\u003e\n\u003cp\u003eMain feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work \u003ccode\u003erequire(esm)\u003c/code\u003e module is now supported on Node 24.9+ (still requires \u003ccode\u003e--experimental-vm-modules\u003c/code\u003e like before).\u003c/p\u003e\n\u003cp\u003eIn addition we now support fake timers for the recently released \u003ccode\u003eTemporal\u003c/code\u003e API in Node v26.\u003c/p\u003e\n\u003cp\u003eReact 19 is also supported properly in \u003ccode\u003epretty-format\u003c/code\u003e, meaning snapshots of React components now work like they should.\u003c/p\u003e\n\u003cp\u003eDue to all the changes, there might be regressions that snuck in. Please report them!\u003c/p\u003e\n\u003cp\u003eFull list of changes below\u003c/p\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e[babel-jest]\u003c/code\u003e Support collecting coverage from \u003ccode\u003e.mts\u003c/code\u003e, \u003ccode\u003e.cts\u003c/code\u003e (and other) files (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15994\"\u003e#15994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types]\u003c/code\u003e Add \u003ccode\u003e--collect-tests\u003c/code\u003e flag to discover and list tests without executing them (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16006\"\u003e#16006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-runner, jest-worker]\u003c/code\u003e Add \u003ccode\u003eworkerGracefulExitTimeout\u003c/code\u003e config option to control how long workers are given to exit before being force-killed (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/15984\"\u003e#15984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config]\u003c/code\u003e Add support for \u003ccode\u003ejest.config.mts\u003c/code\u003e as a valid configuration file (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16005\"\u003e#16005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-config, jest-core, jest-reporters, jest-runner]\u003c/code\u003e \u003ccode\u003everbose\u003c/code\u003e and \u003ccode\u003esilent\u003c/code\u003e can now be set per-project; the project-level value overrides the global value for that project's tests (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16133\"\u003e#16133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Duration\u003c/code\u003e in \u003ccode\u003ejest.advanceTimersByTime()\u003c/code\u003e and \u003ccode\u003ejest.advanceTimersByTimeAsync()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Accept \u003ccode\u003eTemporal.Instant\u003c/code\u003e and \u003ccode\u003eTemporal.ZonedDateTime\u003c/code\u003e in \u003ccode\u003ejest.setSystemTime()\u003c/code\u003e and \u003ccode\u003euseFakeTimers({now})\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16128\"\u003e#16128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[@jest/fake-timers]\u003c/code\u003e Support faking \u003ccode\u003eTemporal.Now.*\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16131\"\u003e#16131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-mock]\u003c/code\u003e Add \u003ccode\u003eclearMocksOnScope(scope)\u003c/code\u003e on \u003ccode\u003eModuleMocker\u003c/code\u003e for clearing every mock function exposed on a scope object (\u003ca href=\"https://redirect.github.com/jestjs/jest/pull/16088\"\u003e#16088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e[jest-resolve]\u003c/code\u003e Add \u003ccode\u003ecanResolveSync()\u003c/code\u003e on \u003ccode\u003eResolver\u003c/code\u003e so callers can detect when a use...\n\n_Description has been truncated_","html_url":"https://github.com/bsv-blockchain/ts-stack/pull/149","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bsv-blockchain%2Fts-stack/issues/149","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/149/packages"}},{"old_version":"2.7.4","new_version":"5.0.2","update_type":"major","path":null,"pr_created_at":"2026-05-21T19:37:08.000Z","version_change":"2.7.4 → 5.0.2","issue":{"uuid":"4497400411","node_id":"PR_kwDONS61ns7eFGm-","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T01:23:23.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T19:37:08.000Z","updated_at":"2026-05-22T01:23:25.000Z","time_to_close":20775,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"qs","old_version":"6.11.0","new_version":"6.14.2","repository_url":"https://github.com/ljharb/qs"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ejs","old_version":"2.7.4","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"},{"name":"jquery","old_version":"2.2.4","new_version":"4.0.0","repository_url":"https://github.com/jquery/jquery"},{"name":"jquery-ui","old_version":"1.10.5","new_version":"1.13.2","repository_url":"https://github.com/jquery/jquery-ui"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /benchmarks/fixtures/alotta-files directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 2 updates in the /benchmarks/fixtures/medium-size-app directory: [axios](https://github.com/axios/axios) and [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware).\nBumps the npm_and_yarn group with 6 updates in the /src/.tmp/npm/alotta-files directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.14.2` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ejs](https://github.com/mde/ejs) | `2.7.4` | `5.0.2` |\n| [jquery](https://github.com/jquery/jquery) | `2.2.4` | `4.0.0` |\n| [jquery-ui](https://github.com/jquery/jquery-ui) | `1.10.5` | `1.13.2` |\n\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.16.2 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.16.2...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `http-proxy-middleware` from 0.17.4 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases\"\u003ehttp-proxy-middleware's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eNotable changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSwitched proxy from \u003ccode\u003ehttp-proxy\u003c/code\u003e to \u003ccode\u003ehttpxy\u003c/code\u003e ✨ (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1160\"\u003echimurai/http-proxy-middleware#1160\u003c/a\u003e)\nThis replaces a long-standing core dependency and brings in many upstream fixes and behavior improvements documented by the \u003ccode\u003ehttpxy\u003c/code\u003e project: \u003ca href=\"https://redirect.github.com/unjs/httpxy/issues/2\"\u003eunjs/httpxy#2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emany fixes: \u003ca href=\"https://github.com/unjs/httpxy/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aclosed\"\u003ehttps://github.com/unjs/httpxy/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aclosed\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehttp/2 support: \u003ca href=\"https://redirect.github.com/unjs/httpxy/pull/102\"\u003eunjs/httpxy#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperformance: \u003ca href=\"https://redirect.github.com/unjs/httpxy/pull/124\"\u003eunjs/httpxy#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eESM-only package [BREAKING CHANGE] 💣\n\u003ccode\u003ehttp-proxy-middleware\u003c/code\u003e now ships as native ES modules only. CommonJS \u003ccode\u003erequire()\u003c/code\u003e usage is no longer supported, so imports should use ESM syntax.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated Node.js support policy [BREAKING CHANGE] 💣\nDropped Node.js 14, 16, 18, and 20.\nNew minimum supported runtime is Node.js 22.15.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoved \u003ccode\u003elegacyCreateProxyMiddleware()\u003c/code\u003e [BREAKING CHANGE] 💣\nThe legacy compatibility wrapper has been removed as part of API cleanup. Use \u003ccode\u003ecreateProxyMiddleware()\u003c/code\u003e directly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded IPv6 literal support ✨\n\u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003eforward\u003c/code\u003e now support literal IPv6 URLs, for example: \u003ccode\u003ehttp://[::1]:3000\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental Hono support 🧪\nAdded \u003ccode\u003ecreateHonoProxyMiddleware()\u003c/code\u003e for Hono apps, including dedicated subpath support via \u003ccode\u003ehttp-proxy-middleware/hono\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMany thanks to everyone who helped make this release possible. 🙏\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(types): fix Logger type by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1104\"\u003echimurai/http-proxy-middleware#1104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support text/plain by \u003ca href=\"https://github.com/knudtty\"\u003e\u003ccode\u003e@​knudtty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1103\"\u003echimurai/http-proxy-middleware#1103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): bump deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1105\"\u003echimurai/http-proxy-middleware#1105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(prettier): improve prettier setup by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1108\"\u003echimurai/http-proxy-middleware#1108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): fix punycode node deprecation warning by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1109\"\u003echimurai/http-proxy-middleware#1109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): bump deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1110\"\u003echimurai/http-proxy-middleware#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(codespaces): add devcontainer.json by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1112\"\u003echimurai/http-proxy-middleware#1112\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev dependencies by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1116\"\u003echimurai/http-proxy-middleware#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(github-action): ci.yml add node v24 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1117\"\u003echimurai/http-proxy-middleware#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev dependencies by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1118\"\u003echimurai/http-proxy-middleware#1118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): upgrade to jest v30 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1122\"\u003echimurai/http-proxy-middleware#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(examples): upgrade deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1124\"\u003echimurai/http-proxy-middleware#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): update dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1125\"\u003echimurai/http-proxy-middleware#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(websocket): fix ws import by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1126\"\u003echimurai/http-proxy-middleware#1126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(refactor): use \u003ccode\u003enode:\u003c/code\u003e protocol imports by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1127\"\u003echimurai/http-proxy-middleware#1127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(node24): pin node24 due to TLS issue with mockttp by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1137\"\u003echimurai/http-proxy-middleware#1137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(recipes/pathRewrite.md): fix comment by \u003ca href=\"https://github.com/DEBargha2004\"\u003e\u003ccode\u003e@​DEBargha2004\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1135\"\u003echimurai/http-proxy-middleware#1135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): bump dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1138\"\u003echimurai/http-proxy-middleware#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/checkout action to v5 by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1140\"\u003echimurai/http-proxy-middleware#1140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(error-response-plugin): sanitize input by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1141\"\u003echimurai/http-proxy-middleware#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package.json): update dev deps by \u003ca href=\"https://github.com/chimurai\"\u003e\u003ccode\u003e@​chimurai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1143\"\u003echimurai/http-proxy-middleware#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md\"\u003ehttp-proxy-middleware's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v4.0.0\"\u003ev4.0.0\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(types): fix Logger type\u003c/li\u003e\n\u003cli\u003efix(error-response-plugin): sanitize input\u003c/li\u003e\n\u003cli\u003efeat: drop node v14/v16/v18 [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003erefactor: replace http-proxy w/ httpxy\u003c/li\u003e\n\u003cli\u003echore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003eci: migrate from jest to vitest\u003c/li\u003e\n\u003cli\u003echore(package.json): esm only [BREAKING CHANGE]\u003c/li\u003e\n\u003cli\u003echore(package.json): bump to httpxy 0.5.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1183\"\u003e#1183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(package.json): drop node20 [BREAKING CHANGE] (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1179\"\u003e#1179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor: remove deprecated url.parse() (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1176\"\u003e#1176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support content-encoding on request body (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1142\"\u003e#1142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: prevent TypeError when ws enabled but server is undefined (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1163\"\u003e#1163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: applyPathRewrite logs old req.url instead of rewritten path (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1157\"\u003e#1157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(hono): support for hono with createHonoProxyMiddleware\u003c/li\u003e\n\u003cli\u003efeat(ipv6): support literal IPv6 addresses in \u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003eforward\u003c/code\u003e options (ie. \u0026quot;http://[::1]:8000\u0026quot;)\u003c/li\u003e\n\u003cli\u003echore(package.json): bump httpxy to ^0.5.1\u003c/li\u003e\n\u003cli\u003efix(logger-plugin): support ipv6 host and handle undefined protocol/host\u003c/li\u003e\n\u003cli\u003eci(publish.yml): pin github.triggering_actor\u003c/li\u003e\n\u003cli\u003echore(package.json): node ^22.15.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor(package): subpath 'http-proxy-middleware/hono' (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1220\"\u003e#1220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: node 26 support\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.5\"\u003ev3.0.5\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(fixRequestBody): check readableLength (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.4\"\u003ev3.0.4\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(fixRequestBody): handle invalid request (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): prevent multiple .write() calls (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1089\"\u003e#1089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(websocket): handle errors in handleUpgrade (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/823\"\u003e#823\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci(package): patch http-proxy (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1084\"\u003e#1084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(fixRequestBody): support multipart/form-data (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/896\"\u003e#896\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(types): export Plugin type (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1071\"\u003e#1071\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.3\"\u003ev3.0.3\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(pathFilter): handle errors\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.2\"\u003ev3.0.2\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(dependency): replace is-plain-obj with is-plain-object (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1031\"\u003e#1031\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(package): upgrade to eslint v9 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1032\"\u003e#1032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(logger-plugin): handle undefined protocol and hostname (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/1036\"\u003e#1036\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.1\"\u003ev3.0.1\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(type): fix RequestHandler return type (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/pull/980\"\u003e#980\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/8f356bcb5fce079460564f729da55814363361a6\"\u003e\u003ccode\u003e8f356bc\u003c/code\u003e\u003c/a\u003e chore(package.json): v4.0.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1225\"\u003e#1225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/7d7f9b05240b6321e24d0fe47e220dcd5ff28985\"\u003e\u003ccode\u003e7d7f9b0\u003c/code\u003e\u003c/a\u003e chore: node 26 support (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1224\"\u003e#1224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/9a1cdb5c1759496d040c1a792e33e5790f1baf5c\"\u003e\u003ccode\u003e9a1cdb5\u003c/code\u003e\u003c/a\u003e docs: minor documentation fixes (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1223\"\u003e#1223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/c03926df4633b042726cd8392be6e705c606b59f\"\u003e\u003ccode\u003ec03926d\u003c/code\u003e\u003c/a\u003e docs: update http-proxy references to httpxy (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1222\"\u003e#1222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/f8ecd6d2c6abe683f4f1cc5377fb93dfe9b1e145\"\u003e\u003ccode\u003ef8ecd6d\u003c/code\u003e\u003c/a\u003e chore(package.json): v4.0.0-beta.6 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1221\"\u003e#1221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/08c5248718263f19a3da7bc912df4b71487ac7c5\"\u003e\u003ccode\u003e08c5248\u003c/code\u003e\u003c/a\u003e refactor(package): subpath 'http-proxy-middleware/hono' (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1220\"\u003e#1220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/a0fed537e64e951c16ffeb57721ac7d37686f362\"\u003e\u003ccode\u003ea0fed53\u003c/code\u003e\u003c/a\u003e chore(package.json): node ^22.15.0 (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/2c6768b08b82360fa1ce4df8e43b2883d60f8ef9\"\u003e\u003ccode\u003e2c6768b\u003c/code\u003e\u003c/a\u003e chore(package.json): remove patch-package (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1217\"\u003e#1217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/339f09ede860197807d4fd99ed9020fa5d0bd358\"\u003e\u003ccode\u003e339f09e\u003c/code\u003e\u003c/a\u003e ci(publish.yml): pin github.triggering_actor (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chimurai/http-proxy-middleware/commit/dcacc02137d3864b3694d1f01154f1a1ddd14736\"\u003e\u003ccode\u003edcacc02\u003c/code\u003e\u003c/a\u003e fix(logger-plugin): support ipv6 host and handle undefined protocol/host (\u003ca href=\"https://redirect.github.com/chimurai/http-proxy-middleware/issues/1215\"\u003e#1215\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/chimurai/http-proxy-middleware/compare/v0.17.4...v4.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for http-proxy-middleware since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.0...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=...\n\n_Description has been truncated_","html_url":"https://github.com/deleonio/pnpm.io/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/deleonio%2Fpnpm.io/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"3.1.10","new_version":"5.0.2","update_type":"major","path":null,"pr_created_at":"2026-05-20T02:07:43.000Z","version_change":"3.1.10 → 5.0.2","issue":{"uuid":"4482539461","node_id":"PR_kwDOShefoc7dU6rk","number":6,"state":"open","title":"Bump ejs from 3.1.10 to 5.0.2","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T02:07:43.000Z","updated_at":"2026-05-20T02:07:44.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.10","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"}],"path":null,"ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.10 to 5.0.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.10...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.10\u0026new-version=5.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/bicilique/devsecops-web-monolith-demo/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bicilique%2Fdevsecops-web-monolith-demo/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"3.1.6","new_version":"3.1.10","update_type":"patch","path":"/frontend","pr_created_at":"2026-05-19T04:58:02.000Z","version_change":"3.1.6 → 3.1.10","issue":{"uuid":"4474531273","node_id":"PR_kwDOShisVs7c7DPE","number":1,"state":"open","title":"Bump ejs from 3.1.6 to 3.1.10 in /frontend","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T04:58:02.000Z","updated_at":"2026-05-19T04:58:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"}],"path":"/frontend","ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 3.1.10.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.6\u0026new-version=3.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SQLtattoo/SQLtattoo-GH500-class-demos/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/SQLtattoo/SQLtattoo-GH500-class-demos/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SQLtattoo%2FSQLtattoo-GH500-class-demos/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.1.6","new_version":"5.0.2","update_type":"major","path":"/frontend","pr_created_at":"2026-05-19T04:25:05.000Z","version_change":"3.1.6 → 5.0.2","issue":{"uuid":"4474378598","node_id":"PR_kwDOShiPts7c6jDE","number":15,"state":"open","title":"Bump ejs from 3.1.6 to 5.0.2 in /frontend","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T04:25:05.000Z","updated_at":"2026-05-19T04:25:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"ejs","old_version":"3.1.6","new_version":"5.0.2","repository_url":"https://github.com/mde/ejs"}],"path":"/frontend","ecosystem":"npm"},"body":"Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 5.0.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ejs\u0026package-manager=npm_and_yarn\u0026previous-version=3.1.6\u0026new-version=5.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/SQLtattoo/GH500-class-demos/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SQLtattoo%2FGH500-class-demos/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"3.1.9","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-18T03:11:33.000Z","version_change":"3.1.9 → 3.1.10","issue":{"uuid":"4465981351","node_id":"PR_kwDOKAOxoM7cfc7L","number":10,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T03:15:23.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T03:11:33.000Z","updated_at":"2026-05-18T03:15:25.000Z","time_to_close":230,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"axios","old_version":"1.4.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"firebase","old_version":"10.1.0","new_version":"10.9.0","repository_url":"https://github.com/firebase/firebase-js-sdk"},{"name":"@adobe/css-tools","old_version":"4.2.0","new_version":"4.4.4","repository_url":"https://github.com/adobe/css-tools"},{"name":"@babel/helpers","old_version":"7.22.6","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.22.8","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"cross-spawn","old_version":"6.0.5","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"body-parser","old_version":"1.20.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"elliptic","old_version":"6.5.4","new_version":"removed","repository_url":"https://github.com/indutny/elliptic"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"nanoid","old_version":"3.3.6","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"rollup","old_version":"2.79.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.88.2","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-dev-middleware","old_version":"5.3.3","new_version":"5.3.4","repository_url":"https://github.com/webpack/webpack-dev-middleware"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.4.0` | `1.15.2` |\n| [firebase](https://github.com/firebase/firebase-js-sdk) | `10.1.0` | `10.9.0` |\n| [@adobe/css-tools](https://github.com/adobe/css-tools) | `4.2.0` | `4.4.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.6` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.22.8` | `7.29.0` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `7.0.6` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `removed` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.12` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.106.2` |\n| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |\n\n\nUpdates `axios` from 1.4.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.4.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `firebase` from 10.1.0 to 10.9.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/1eb302f5af15ae4e975d1989e489e3b119665271\"\u003e\u003ccode\u003e1eb302f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8063\"\u003e#8063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b49886710ea2c49163f8840924abbc01ad729da2\"\u003e\u003ccode\u003eb498867\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/ce88e71e738ac7bb2cd5d63e4e314e2de82f72ef\"\u003e\u003ccode\u003ece88e71\u003c/code\u003e\u003c/a\u003e snapshot listeners source from cache (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/7982\"\u003e#7982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/6d487d7dee631498bed1aeccbb45d8f14ae911d1\"\u003e\u003ccode\u003e6d487d7\u003c/code\u003e\u003c/a\u003e Prevent using authTokenSyncURL if the string begins with a double slash (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8060\"\u003e#8060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b4d59d6659a1b6fb1d5a38c697668f2a2b4f030d\"\u003e\u003ccode\u003eb4d59d6\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/2b22838aa2c7ccec480b26c9702bbb98a0778250\"\u003e\u003ccode\u003e2b22838\u003c/code\u003e\u003c/a\u003e Fix glob pattern to work with Node 20 and its NPM version (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8059\"\u003e#8059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/feb5038e51bac1a4a90ef0bcc1db27770480fa48\"\u003e\u003ccode\u003efeb5038\u003c/code\u003e\u003c/a\u003e Update CI node.js versions to 20.x (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8055\"\u003e#8055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/245dd26e19b6c16aca7e1b7e597ed5784c2984ba\"\u003e\u003ccode\u003e245dd26\u003c/code\u003e\u003c/a\u003e Enforce authTokenSyncURL being a path and not a url. (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8056\"\u003e#8056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/e60188d47f59d00f7faf7ebb2c0d8e338014a0f8\"\u003e\u003ccode\u003ee60188d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8046\"\u003e#8046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/7e2efbf4e552d7e0534e49d1638af87aeb064545\"\u003e\u003ccode\u003e7e2efbf\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/firebase/firebase-js-sdk/compare/firebase@10.1.0...firebase@10.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@adobe/css-tools` from 4.2.0 to 4.4.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/adobe/css-tools/blob/main/docs/CHANGELOG.md\"\u003e@​adobe/css-tools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.4.4] - 2025-07-22\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch from yarn to npm for package management\u003c/li\u003e\n\u003cli\u003eSwitch from eslint to biome for code formatting and linting\u003c/li\u003e\n\u003cli\u003eReformat codebase to comply with biome recommendations\u003c/li\u003e\n\u003cli\u003eSwitch from webpack to rollup for bundling\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix module exports to ensure proper compatibility with bundlers\u003c/li\u003e\n\u003cli\u003eAdd validation check to prevent future export issues\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.3] - 2025-05-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix polynomial regular expression vulnerability on uncontrolled data\u003c/li\u003e\n\u003cli\u003eRefactor code to enable GitHub security static analysis\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove parsing performance with minor optimizations\u003c/li\u003e\n\u003cli\u003eReplace regex patterns with string search (indexOf-based) for better performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new utility functions with comprehensive unit tests\u003c/li\u003e\n\u003cli\u003eAdd improved formatting for CSS Grid template areas (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/283\"\u003e#283\u003c/a\u003e by \u003ca href=\"https://github.com/jogibear9988\"\u003e\u003ccode\u003e@​jogibear9988\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix TypeScript error with ConstructorParameters in Parcel bundler (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/444\"\u003e#444\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.2] - 2025-02-12\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix regular expression for parsing quoted values in parentheses\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.4.0] - 2024-06-05\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for CSS \u003ccode\u003e@starting-style\u003c/code\u003e at-rule (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/319\"\u003e#319\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.3] - 2024-01-24\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate package export configuration (\u003ca href=\"https://redirect.github.com/adobe/css-tools/issues/271\"\u003e#271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.2] - 2023-11-28\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix ReDoS vulnerability with crafted CSS strings - CVE-2023-48631\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/adobe/css-tools/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.22.6 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.22.8 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.8.21 to 1.9.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could rarely cause connection leaks (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2644\"\u003e#2644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients to go IDLE incorrectly some time after calling \u003ccode\u003ewaitForReady\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause the Node process to close early when establishing a connection while a request is pending (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2626\"\u003e#2626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause connectivity state information to become stale in some circumstances (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2623\"\u003e#2623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2618\"\u003e#2618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide the correct port to the proxy when connecting to a target without an explicitly specified port (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2608\"\u003e#2608\u003c/a\u003e contributed by \u003ca href=\"https://github.com/segevfiner\"\u003e\u003ccode\u003e@​segevfiner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProperly handle goaway events with no additional data attached (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2611\"\u003e#2611\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2609\"\u003e#2609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak caused by creating and closing multiple clients (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to not update name resolution after multiple failed connection attempts (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2602\"\u003e#2602\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude more information in most \u0026quot;No connection established\u0026quot; errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2598\"\u003e#2598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the \u003ccode\u003eindex\u003c/code\u003e tracer, and add more information to other trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2599\"\u003e#2599\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a type inconsistency in \u003ccode\u003eserver-call.ts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2589\"\u003e#2589\u003c/a\u003e contributed by \u003ca href=\"https://github.com/rsnullptr\"\u003e\u003ccode\u003e@​rsnullptr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClose ports if the server is shut down while the bind operation is ongoing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2590\"\u003e#2590\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2586\"\u003e#2586\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake a few improvements to DNS resolving timing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2571\"\u003e#2571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eExperimental changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003egrpc.experimental.BackoffTimeout#getEndTime\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle error when sending keepalive pings (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2563\"\u003e#2563\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650\"\u003e\u003ccode\u003e08b0422\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/c75e04894829ff5c0eac83a3eea96724ec7cd118\"\u003e\u003ccode\u003ec75e048\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.9.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d5d62b4d94acf05d4335122efa9e36b07955eb2d\"\u003e\u003ccode\u003ed5d62b4\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/02d034489a923f7f9cb15d4720cc2c865b11ef12\"\u003e\u003ccode\u003e02d0344\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2741\"\u003e#2741\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/cf14020643472af7ec56c3591c73f91d74c4aa73\"\u003e\u003ccode\u003ecf14020\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/da44229934a18519126f6993b6feed00c60ded0a\"\u003e\u003ccode\u003eda44229\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2738\"\u003e#2738\u003c/a\u003e from murgatroid99/backport-1.9-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5ae7c8c84518fa49ec639cd36051d65e50db5a6c\"\u003e\u003ccode\u003e5ae7c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2735\"\u003e#2735\u003c/a\u003e from murgatroid99/grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/eed21ba0bba8e8b1d8bc01001cfd0faf61bb9a75\"\u003e\u003ccode\u003eeed21ba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2714\"\u003e#2714\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/63763a40003b17e5e8f3f9c8d7f4aeb6592569f6\"\u003e\u003ccode\u003e63763a4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2712\"\u003e#2712\u003c/a\u003e from sergiitk/psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5be83dd878c5a2b857c38b113aabb3fad9bd376d\"\u003e\u003ccode\u003e5be83dd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e from murgatroid99/grpc-js_idle_timer_fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.21...@grpc/grpc-js@1.9.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobufjs` from 6.11.3 to 7.5.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/releases\"\u003eprotobufjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs: v7.5.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.5.5\u003c/h2\u003e\n\u003cp\u003eThis release backports two reported security issues to 7.x branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not allow setting \u003ccode\u003e__proto__\u003c/code\u003e in Message constructor (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2126\"\u003e#2126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: filter invalid characters from the type name (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2127\"\u003e#2127\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\"\u003ehttps://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v7.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eprotobufjs: v7.5.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4\"\u003e7.5.4\u003c/a\u003e (2025-08-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einvalid syntax in descriptor.proto (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2092\"\u003e#2092\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760\"\u003e5a3769a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eprotobufjs: v7.5.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.2...protobufjs-v7.5.3\"\u003e7.5.3\u003c/a\u003e (2025-05-28)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.9/CHANGELOG.md\"\u003eprotobufjs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.8...protobufjs-v7.5.9\"\u003e7.5.9\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e0853a62\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.7...protobufjs-v7.5.8\"\u003e7.5.8\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e54b593f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.6...protobufjs-v7.5.7\"\u003e7.5.7\u003c/a\u003e (2026-05-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003ecc7d595\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.5...protobufjs-v7.5.6\"\u003e7.5.6\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e75392ea\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4\"\u003e7.5.4\u003c/a\u003e (2025-08-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einvalid syntax in descriptor.proto (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2092\"\u003e#2092\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760\"\u003e5a3769a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.2...protobufjs-v7.5.3\"\u003e7.5.3\u003c/a\u003e (2025-05-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edescriptor extensions handling post-editions (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2075\"\u003e#2075\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/6e255d4ad6982cc857f26e1731c2cedcf5796f68\"\u003e6e255d4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.1...protobufjs-v7.5.2\"\u003e7.5.2\u003c/a\u003e (2025-05-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure that types are always resolved (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2068\"\u003e#2068\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/4b51cb2b8450b77f9f5de1c562e7fae93b19d040\"\u003e4b51cb2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.0...protobufjs-v7.5.1\"\u003e7.5.1\u003c/a\u003e (2025-05-08)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/2189e5beeca6a70e4c104dfdb9fb8200bc5f81fe\"\u003e\u003ccode\u003e2189e5b\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2174\"\u003e#2174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e\u003ccode\u003e75392ea\u003c/code\u003e\u003c/a\u003e fix: Backport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/v6.11.3...protobufjs-v7.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for protobufjs since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 6.0.5 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.2...v7.0.3\"\u003e7.0.3\u003c/a\u003e (2020-05-25)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edetect path key based on correct environment (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/133\"\u003e#133\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/159e7e9785e57451cba034ae51719f97135074ae\"\u003e159e7e9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2020-04-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix worker threads in Node \u0026gt;=11.10.0 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/132\"\u003e#132\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6c5b4f015814a6c4f6b33230dfd1a860aedc0aaf\"\u003e6c5b4f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2019-10-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/cfd49c9\"\u003ecfd49c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2019-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for Node.js \u0026lt; 8\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for versions below Node.js 8 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/125\"\u003e#125\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/16feb53\"\u003e16feb53\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href...\n\n_Description has been truncated_","html_url":"https://github.com/Sunny-64/NFT-marketplace/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sunny-64%2FNFT-marketplace/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"3.1.8","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-17T11:49:18.000Z","version_change":"3.1.8 → 3.1.10","issue":{"uuid":"4463358875","node_id":"PR_kwDOHeIors7cXkPV","number":3,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 42 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-17T11:49:18.000Z","updated_at":"2026-05-17T11:51:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":42,"packages":[{"name":"firebase","old_version":"9.9.0","new_version":"10.9.0","repository_url":"https://github.com/firebase/firebase-js-sdk"},{"name":"semver","old_version":"6.3.0","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/helpers","old_version":"7.18.2","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.18.4","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.11.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"body-parser","old_version":"1.20.0","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"ejs","old_version":"3.1.8","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.0","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.6","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"json5","old_version":"1.0.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"loader-utils","old_version":"2.0.2","new_version":"2.0.4","repository_url":"https://github.com/webpack/loader-utils"},{"name":"loader-utils","old_version":"3.2.0","new_version":"3.3.1","repository_url":"https://github.com/webpack/loader-utils"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"micromatch","old_version":"4.0.5","new_version":"4.0.8","repository_url":"https://github.com/micromatch/micromatch"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-forge","old_version":"1.3.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.3.0","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.75.6","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tough-cookie","old_version":"4.0.0","new_version":"4.1.4","repository_url":"https://github.com/salesforce/tough-cookie"},{"name":"webpack","old_version":"5.73.0","new_version":"5.106.2","repository_url":"https://github.com/webpack/webpack"},{"name":"webpack-dev-middleware","old_version":"5.3.3","new_version":"5.3.4","repository_url":"https://github.com/webpack/webpack-dev-middleware"},{"name":"ws","old_version":"8.7.0","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.8","new_version":"7.5.10","repository_url":"https://github.com/websockets/ws"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 34 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [firebase](https://github.com/firebase/firebase-js-sdk) | `9.9.0` | `10.9.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `7.8.0` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.18.2` | `7.29.2` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.18.4` | `7.29.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.11.0` | `8.20.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.1` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.0` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `2.0.2` | `2.0.4` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `3.2.0` | `3.3.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.12` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.3.0` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.75.6` | `2.80.0` |\n| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` |\n| [webpack](https://github.com/webpack/webpack) | `5.73.0` | `5.106.2` |\n| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |\n| [ws](https://github.com/websockets/ws) | `8.7.0` | `8.20.1` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `firebase` from 9.9.0 to 10.9.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/1eb302f5af15ae4e975d1989e489e3b119665271\"\u003e\u003ccode\u003e1eb302f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8063\"\u003e#8063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b49886710ea2c49163f8840924abbc01ad729da2\"\u003e\u003ccode\u003eb498867\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/ce88e71e738ac7bb2cd5d63e4e314e2de82f72ef\"\u003e\u003ccode\u003ece88e71\u003c/code\u003e\u003c/a\u003e snapshot listeners source from cache (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/7982\"\u003e#7982\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/6d487d7dee631498bed1aeccbb45d8f14ae911d1\"\u003e\u003ccode\u003e6d487d7\u003c/code\u003e\u003c/a\u003e Prevent using authTokenSyncURL if the string begins with a double slash (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8060\"\u003e#8060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/b4d59d6659a1b6fb1d5a38c697668f2a2b4f030d\"\u003e\u003ccode\u003eb4d59d6\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/2b22838aa2c7ccec480b26c9702bbb98a0778250\"\u003e\u003ccode\u003e2b22838\u003c/code\u003e\u003c/a\u003e Fix glob pattern to work with Node 20 and its NPM version (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8059\"\u003e#8059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/feb5038e51bac1a4a90ef0bcc1db27770480fa48\"\u003e\u003ccode\u003efeb5038\u003c/code\u003e\u003c/a\u003e Update CI node.js versions to 20.x (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8055\"\u003e#8055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/245dd26e19b6c16aca7e1b7e597ed5784c2984ba\"\u003e\u003ccode\u003e245dd26\u003c/code\u003e\u003c/a\u003e Enforce authTokenSyncURL being a path and not a url. (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8056\"\u003e#8056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/e60188d47f59d00f7faf7ebb2c0d8e338014a0f8\"\u003e\u003ccode\u003ee60188d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/firebase/firebase-js-sdk/issues/8046\"\u003e#8046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/firebase/firebase-js-sdk/commit/7e2efbf4e552d7e0534e49d1638af87aeb064545\"\u003e\u003ccode\u003e7e2efbf\u003c/code\u003e\u003c/a\u003e Merge master into release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/firebase/firebase-js-sdk/compare/firebase@9.9.0...firebase@10.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 6.3.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v6.3.0...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.18.2 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.18.4 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.18.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.6.7 to 1.9.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could rarely cause connection leaks (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2644\"\u003e#2644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause clients to go IDLE incorrectly some time after calling \u003ccode\u003ewaitForReady\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2643\"\u003e#2643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause the Node process to close early when establishing a connection while a request is pending (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2626\"\u003e#2626\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause connectivity state information to become stale in some circumstances (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2623\"\u003e#2623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2618\"\u003e#2618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide the correct port to the proxy when connecting to a target without an explicitly specified port (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2608\"\u003e#2608\u003c/a\u003e contributed by \u003ca href=\"https://github.com/segevfiner\"\u003e\u003ccode\u003e@​segevfiner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProperly handle goaway events with no additional data attached (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2611\"\u003e#2611\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2609\"\u003e#2609\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak caused by creating and closing multiple clients (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to not update name resolution after multiple failed connection attempts (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2602\"\u003e#2602\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude more information in most \u0026quot;No connection established\u0026quot; errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2598\"\u003e#2598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the \u003ccode\u003eindex\u003c/code\u003e tracer, and add more information to other trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2599\"\u003e#2599\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a type inconsistency in \u003ccode\u003eserver-call.ts\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2589\"\u003e#2589\u003c/a\u003e contributed by \u003ca href=\"https://github.com/rsnullptr\"\u003e\u003ccode\u003e@​rsnullptr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClose ports if the server is shut down while the bind operation is ongoing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2590\"\u003e#2590\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2586\"\u003e#2586\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake a few improvements to DNS resolving timing (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2571\"\u003e#2571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eExperimental changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003egrpc.experimental.BackoffTimeout#getEndTime\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.9.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle error when sending keepalive pings (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2563\"\u003e#2563\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650\"\u003e\u003ccode\u003e08b0422\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/c75e04894829ff5c0eac83a3eea96724ec7cd118\"\u003e\u003ccode\u003ec75e048\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.9.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d5d62b4d94acf05d4335122efa9e36b07955eb2d\"\u003e\u003ccode\u003ed5d62b4\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/02d034489a923f7f9cb15d4720cc2c865b11ef12\"\u003e\u003ccode\u003e02d0344\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2741\"\u003e#2741\u003c/a\u003e from sergiitk/backport-1.9-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/cf14020643472af7ec56c3591c73f91d74c4aa73\"\u003e\u003ccode\u003ecf14020\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/da44229934a18519126f6993b6feed00c60ded0a\"\u003e\u003ccode\u003eda44229\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2738\"\u003e#2738\u003c/a\u003e from murgatroid99/backport-1.9-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/5ae7c8c84518fa49ec639cd36051d65e50db5a6c\"\u003e\u003ccode\u003e5ae7c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-n...\n\n_Description has been truncated_","html_url":"https://github.com/LautaroDerose/DeroseEcommerceCoderhouse/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LautaroDerose%2FDeroseEcommerceCoderhouse/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.1.9","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-17T03:24:44.000Z","version_change":"3.1.9 → 3.1.10","issue":{"uuid":"4462141744","node_id":"PR_kwDOEzH_b87cUAqS","number":2242,"state":"closed","title":"Bump the npm_and_yarn group across 16 directories with 27 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T05:09:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T03:24:44.000Z","updated_at":"2026-05-22T05:09:55.000Z","time_to_close":438301,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":27,"packages":[{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"body-parser","old_version":"1.20.2","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"esbuild","old_version":"0.18.20","new_version":"0.25.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"@babel/runtime","old_version":"7.22.15","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"2.0.1","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.7","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the /samples/app-auth/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.22.15` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/app-checkin-location/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 18 updates in the /samples/app-complete-auth/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [axios](https://github.com/axios/axios) | `1.6.7` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/app-installation-using-qr-code/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 12 updates in the /samples/app-link-unfurling-in-share-to-teams/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.20.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 11 updates in the /samples/bot-file-upload/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.15.2` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-join-team-using-qr-code/nodejs directory: [axios](https://github.com/axios/axios) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 17 updates in the /samples/bot-request-approval/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-sharepoint-file-viewer/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /samples/bot-type-ahead-search-adaptive-cards/nodejs directory: [axios](https://github.com/axios/axios) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 13 updates in the /samples/meetings-notification/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/msgext-message-reminder/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/msgext-search-sso-config/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.20` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.13.2` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.4` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.9.6` | `6.15.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\nBumps the npm_and_yarn group with 11 updates in the /samples/msgext-search/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.11` | `0.25.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.11.0` | `6.15.2` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/tab-stage-view/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.14.8` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 17 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.2 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/ex...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2242","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2242","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2242/packages"}},{"old_version":"3.1.7","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-16T13:27:21.000Z","version_change":"3.1.7 → 3.1.10","issue":{"uuid":"4460015898","node_id":"PR_kwDODgBikc7cNuvB","number":747,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","size/XS","stale","javascript"],"assignees":["aravindvnair99"],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T13:27:21.000Z","updated_at":"2026-05-31T03:03:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"axios","old_version":"0.25.0","new_version":"0.31.1","repository_url":"https://github.com/axios/axios"},{"name":"ejs","old_version":"3.1.7","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"semver","old_version":"5.7.1","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/traverse","old_version":"7.20.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@grpc/grpc-js","old_version":"1.7.3","new_version":"1.8.22","repository_url":"https://github.com/grpc/grpc-node"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"body-parser","old_version":"1.20.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"minimatch","old_version":"3.1.2","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"jose","old_version":"2.0.6","new_version":"2.0.7","repository_url":"https://github.com/panva/jose"},{"name":"json5","old_version":"2.2.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"jsonwebtoken","old_version":"8.5.1","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 18 updates in the /functions directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.25.0` | `0.31.1` |\n| [ejs](https://github.com/mde/ejs) | `3.1.7` | `3.1.10` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `7.8.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.20.5` | `7.29.0` |\n| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.7.3` | `1.8.22` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.1` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `5.1.9` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [jose](https://github.com/panva/jose) | `2.0.6` | `2.0.7` |\n| [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `axios` from 0.25.0 to 0.31.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection \u0026amp; Proxy Bypass:\u003c/strong\u003e Backports v1 security hardening — sanitizes outgoing header values to strip invalid bytes, CRLF sequences, and boundary whitespace (including array values); adds proper \u003ccode\u003eNO_PROXY\u003c/code\u003e/\u003ccode\u003eno_proxy\u003c/code\u003e enforcement covering wildcards, explicit ports, loopback aliases (\u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, \u003ccode\u003e::1\u003c/code\u003e), bracketed IPv6, and trailing-dot hostnames. Proxy bypass is now checked before the proxy URL is parsed, and \u003ccode\u003eparsed.host\u003c/code\u003e is used for correct port and IPv6 handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e SHA-pins all actions and disables credential persistence in v0.x CI, introduces \u003ccode\u003ezizmor\u003c/code\u003e security scanning with SARIF upload to code scanning, adds an OIDC Trusted Publishing workflow with npm provenance attestations, and gates all publishes behind a required \u003ccode\u003enpm-publish\u003c/code\u003e GitHub Environment with configurable reviewer protections. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTypeScript — \u003ccode\u003eAxiosInstance\u003c/code\u003e Return Types:\u003c/strong\u003e Fixes return types in \u003ccode\u003eAxiosInstance\u003c/code\u003e methods to correctly resolve to \u003ccode\u003ePromise\u0026lt;R\u0026gt;\u003c/code\u003e (matching \u003ccode\u003eAxiosPromise\u0026lt;T\u0026gt;\u003c/code\u003e semantics), and corrects the generic call signature so TypeScript properly enforces the response data type. TypeScript-only changes; no runtime impact. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePerformance:\u003c/strong\u003e Fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e that caused excessive computation when the argument was a large string. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVersioning \u0026amp; CI Workflow:\u003c/strong\u003e Adds an automated versioning flow for v0.x, renames the CI workflow for consistency with the v1.x naming convention, and corrects the branch name reference in CI config. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nakataki17\"\u003e\u003ccode\u003e@​nakataki17\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/gmasclet\"\u003e\u003ccode\u003e@​gmasclet\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/shaanmajid\"\u003e\u003ccode\u003e@​shaanmajid\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ivan-churakov\"\u003e\u003ccode\u003e@​ivan-churakov\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v0.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5073eca0edd37b13a0e39dcb48794d779b7dff8d\"\u003e\u003ccode\u003e5073eca\u003c/code\u003e\u003c/a\u003e chore: release v0.31.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10697\"\u003e#10697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b57eb1a93214c9d6840035add0cc705fa9d6d697\"\u003e\u003ccode\u003eb57eb1a\u003c/code\u003e\u003c/a\u003e ci: update branch name (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.25.0...v0.31.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.7 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.7...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 5.7.1 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efa4be6096c1f9b77d9d27d6132f6220c43b4e31\"\u003e\u003ccode\u003eefa4be6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/847\"\u003e#847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e chore: template-oss-apply@5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e fix: Warn when defaulting to --inc=patch in CLI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e feat: Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e docs: fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e docs: fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5993c2e42bdf17c5f03e6360da51bc707fcee460\"\u003e\u003ccode\u003e5993c2e\u003c/code\u003e\u003c/a\u003e chore: release 7.7.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e deps: \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.29.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v5.7.1...v7.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.20.5 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@grpc/grpc-js` from 1.7.3 to 1.8.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-node/releases\"\u003e@​grpc/grpc-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid buffering significantly more than \u003ccode\u003egrpc.max_receive_message_size\u003c/code\u003e per received message.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.8.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix propagation of UNIMPLEMENTED error messages (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2528\"\u003e#2528\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when the channel option \u003ccode\u003egrpc.keepalive_permit_without_calls\u003c/code\u003e is set (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate keepalive behavior to more correctly handle short calls and long periods of inactivity (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2513\"\u003e#2513\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reporting of call stacks in unary request errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2503\"\u003e#2503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix reporting of proxy info in channelz socket responses (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2503\"\u003e#2503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisallow \u003ccode\u003epick_first\u003c/code\u003e LB policy as the direct child of an \u003ccode\u003eoutlier_detection\u003c/code\u003e LB policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2476\"\u003e#2476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix missing \u003ccode\u003etransport\u003c/code\u003e trace logs (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2470\"\u003e#2470\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a memory leak that could result from a specific pattern of recursive function calls (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e and \u003ccode\u003eerror\u003c/code\u003e events are consistently emitted asynchronously (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix sequencing of some events related to connectivity state changes (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2421\"\u003e#2421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix memory leak in channelz socket tracking (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2394\"\u003e#2394\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.8.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix an occasional type error when receiving DNS updates (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2380\"\u003e#2380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix ordering of events when handing requests on the server (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2376\"\u003e#2376\u003c/a\u003e contributed by \u003ca href=\"https://github.com/phoenix741\"\u003e\u003ccode\u003e@​phoenix741\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid accumulating placeholder objects when sending many messages on a long-running stream (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2372\"\u003e#2372\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix bugs in \u0026quot;pick first\u0026quot; load balancing policy that caused incorrect reconnection behavior (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2369\"\u003e#2369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix a bug where clients would continue to send pings at the original configured rate after receiving a backoff request from the server (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2363\"\u003e#2363\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​grpc/grpc-js\u003c/code\u003e 1.8.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eprogress\u003c/code\u003e field in returned status object (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2350\"\u003e#2350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExport \u003ccode\u003eInterceptingListener\u003c/code\u003e and \u003ccode\u003eNextCall\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2351\"\u003e#2351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug that could cause a crash when sending messages that exceed the outgoing message buffer size while a retry is in progress (\u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2349\"\u003e#2349\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb\"\u003e\u003ccode\u003ea8a0203\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-7v5v-9h63-cj86\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/3b110cddfe4c895d6f642092b99a6667cef5ae00\"\u003e\u003ccode\u003e3b110cd\u003c/code\u003e\u003c/a\u003e grpc-js: Bump to 1.8.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/8e622220c8af437687927d25aeb3f340447aed43\"\u003e\u003ccode\u003e8e62222\u003c/code\u003e\u003c/a\u003e grpc-js: Avoid buffering significantly more than max_receive_message_size per...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/9d8394738f0db40582ff3866e1c868109446122c\"\u003e\u003ccode\u003e9d83947\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2742\"\u003e#2742\u003c/a\u003e from sergiitk/backport-1.8-psm-interop-common-prod-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/00f348c4861ab87aa3c18935a07babd0715227a6\"\u003e\u003ccode\u003e00f348c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2729\"\u003e#2729\u003c/a\u003e from sergiitk/psm-interop-common-prod-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/36d105b1953b10ecd6b9119f37ebcb03f7ab030e\"\u003e\u003ccode\u003e36d105b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2737\"\u003e#2737\u003c/a\u003e from murgatroid99/backport-1.8-grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/969e30502767f3d7036b975efbffcc97b1fff40d\"\u003e\u003ccode\u003e969e305\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2735\"\u003e#2735\u003c/a\u003e from murgatroid99/grpc-js_linkify-it_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/d78216f28378a2cec9914ba23470d04ce735a821\"\u003e\u003ccode\u003ed78216f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2715\"\u003e#2715\u003c/a\u003e from sergiitk/backport-1.8-psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/f38966aab5cd7b4c94cb6f3e6a518375f11f5e52\"\u003e\u003ccode\u003ef38966a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2712\"\u003e#2712\u003c/a\u003e from sergiitk/psm-interop-pkg-dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-node/commit/ffefff2570d56f59ac701e4204afcb987870c2ec\"\u003e\u003ccode\u003effefff2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/grpc/grpc-node/issues/2640\"\u003e#2640\u003c/a\u003e from XuanWang-Amos/backport-1.8-psm-interop-shared-b...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.7.3...@grpc/grpc-js@1.8.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.20.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce336...\n\n_Description has been truncated_","html_url":"https://github.com/aravindvnair99/Spot-the-Hole/pull/747","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aravindvnair99%2FSpot-the-Hole/issues/747","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/747/packages"}},{"old_version":"3.1.6","new_version":"3.1.10","update_type":"patch","path":null,"pr_created_at":"2026-05-14T08:49:09.000Z","version_change":"3.1.6 → 3.1.10","issue":{"uuid":"4444534534","node_id":"PR_kwDOEzH_b87bckQr","number":2132,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-15T01:09:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T08:49:09.000Z","updated_at":"2026-05-15T01:09:57.000Z","time_to_close":58846,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"body-parser","old_version":"1.19.1","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"esbuild","old_version":"0.18.13","new_version":"0.25.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"jsonwebtoken","old_version":"8.5.1","new_version":"9.0.3","repository_url":"https://github.com/auth0/node-jsonwebtoken"},{"name":"semver","old_version":"7.3.5","new_version":"7.8.0","repository_url":"https://github.com/npm/node-semver"},{"name":"semver","old_version":"6.3.0","new_version":"6.3.1","repository_url":"https://github.com/npm/node-semver"},{"name":"semver","old_version":"5.7.1","new_version":"5.7.2","repository_url":"https://github.com/npm/node-semver"},{"name":"@babel/runtime","old_version":"7.12.13","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"minimist","old_version":"1.2.5","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"node-fetch","old_version":"2.6.1","new_version":"2.7.0","repository_url":"https://github.com/node-fetch/node-fetch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /samples/tab-staggered-permission/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.1` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.13` | `0.25.0` |\n| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.3` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.12.13` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 15 updates in the /samples/tab-stage-view/nodejs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.18.14` | `0.25.0` |\n| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.8.0` |\n| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |\n| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.14.8` | `7.29.2` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `body-parser` from 1.19.1 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.1...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.6 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.18.13 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis release deliberately contains backwards-incompatible changes.\u003c/strong\u003e To avoid automatically picking up releases like this, you should either be pinning the exact version of \u003ccode\u003eesbuild\u003c/code\u003e in your \u003ccode\u003epackage.json\u003c/code\u003e file (recommended) or be using a version range syntax that only accepts patch upgrades such as \u003ccode\u003e^0.24.0\u003c/code\u003e or \u003ccode\u003e~0.24.0\u003c/code\u003e. See npm's documentation about \u003ca href=\"https://docs.npmjs.com/cli/v6/using-npm/semver/\"\u003esemver\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRestrict access to esbuild's development server (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99\"\u003eGHSA-67mh-4wv8-2f99\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis change addresses esbuild's first security vulnerability report. Previously esbuild set the \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header to \u003ccode\u003e*\u003c/code\u003e to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in \u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99\"\u003ethe report\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eStarting with this release, \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS\"\u003eCORS\u003c/a\u003e will now be disabled, and requests will now be denied if the host does not match the one provided to \u003ccode\u003e--serve=\u003c/code\u003e. The default host is \u003ccode\u003e0.0.0.0\u003c/code\u003e, which refers to all of the IP addresses that represent the local machine (e.g. both \u003ccode\u003e127.0.0.1\u003c/code\u003e and \u003ccode\u003e192.168.0.1\u003c/code\u003e). If you want to customize anything about esbuild's development server, you can \u003ca href=\"https://esbuild.github.io/api/#serve-proxy\"\u003eput a proxy in front of esbuild\u003c/a\u003e and modify the incoming and/or outgoing requests.\u003c/p\u003e\n\u003cp\u003eIn addition, the \u003ccode\u003eserve()\u003c/code\u003e API call has been changed to return an array of \u003ccode\u003ehosts\u003c/code\u003e instead of a single \u003ccode\u003ehost\u003c/code\u003e string. This makes it possible to determine all of the hosts that esbuild's development server will accept.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDelete output files when a build fails in watch mode (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3643\"\u003e#3643\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIt has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix correctness issues with the CSS nesting transform (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3620\"\u003e#3620\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3877\"\u003e#3877\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3933\"\u003e#3933\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3997\"\u003e#3997\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4005\"\u003e#4005\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4037\"\u003e#4037\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4038\"\u003e#4038\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes the following problems:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNaive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using \u003ccode\u003e:is()\u003c/code\u003e to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\r\n.parent {\r\n  \u0026gt; .a,\r\n  \u0026gt; .b1 \u0026gt; .b2 {\r\n    color: red;\r\n  }\r\n}\r\n\u003cp\u003e/* Old output (with --supported:nesting=false) */\u003cbr /\u003e\n.parent \u0026gt; :is(.a, .b1 \u0026gt; .b2) {\u003cbr /\u003e\ncolor: red;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --supported:nesting=false) */\u003cbr /\u003e\n.parent \u0026gt; .a,\u003cbr /\u003e\n.parent \u0026gt; .b1 \u0026gt; .b2 {\u003cbr /\u003e\ncolor: red;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/tim-we\"\u003e\u003ccode\u003e@​tim-we\u003c/code\u003e\u003c/a\u003e for working on a fix.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003e\u0026amp;\u003c/code\u003e CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered \u003ccode\u003e\u0026amp;\u0026amp;\u003c/code\u003e to have the same specificity as \u003ccode\u003e\u0026amp;\u003c/code\u003e. With this release, this should now work correctly:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code (color should be red) */\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2023.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2023\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2023 (versions 0.16.13 through 0.19.11).\u003c/p\u003e\n\u003ch2\u003e0.19.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix TypeScript-specific class transform edge case (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3559\"\u003e#3559\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release introduced an optimization that avoided transforming \u003ccode\u003esuper()\u003c/code\u003e in the class constructor for TypeScript code compiled with \u003ccode\u003euseDefineForClassFields\u003c/code\u003e set to \u003ccode\u003efalse\u003c/code\u003e if all class instance fields have no initializers. The rationale was that in this case, all class instance fields are omitted in the output so no changes to the constructor are needed. However, if all of this is the case \u003cem\u003eand\u003c/em\u003e there are \u003ccode\u003e#private\u003c/code\u003e instance fields with initializers, those private instance field initializers were still being moved into the constructor. This was problematic because they were being inserted before the call to \u003ccode\u003esuper()\u003c/code\u003e (since \u003ccode\u003esuper()\u003c/code\u003e is now no longer transformed in that case). This release introduces an additional optimization that avoids moving the private instance field initializers into the constructor in this edge case, which generates smaller code, matches the TypeScript compiler's output more closely, and avoids this bug:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e// Original code\nclass Foo extends Bar {\n  #private = 1;\n  public: any;\n  constructor() {\n    super();\n  }\n}\n\u003cp\u003e// Old output (with esbuild v0.19.9)\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nsuper();\u003cbr /\u003e\nthis.#private = 1;\u003cbr /\u003e\n}\u003cbr /\u003e\n#private;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// Old output (with esbuild v0.19.10)\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nthis.#private = 1;\u003cbr /\u003e\nsuper();\u003cbr /\u003e\n}\u003cbr /\u003e\n#private;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e// New output\u003cbr /\u003e\nclass Foo extends Bar {\u003cbr /\u003e\n#private = 1;\u003cbr /\u003e\nconstructor() {\u003cbr /\u003e\nsuper();\u003cbr /\u003e\n}\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMinifier: allow reording a primitive past a side-effect (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3568\"\u003e#3568\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe minifier previously allowed reordering a side-effect past a primitive, but didn't handle the case of reordering a primitive past a side-effect. This additional case is now handled:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e9174d671b1882758cd32ac5e146200f5bee3e45\"\u003e\u003ccode\u003ee9174d6\u003c/code\u003e\u003c/a\u003e publish 0.25.0 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/c27dbebb9e7a55dd9a084dd151dddd840787490e\"\u003e\u003ccode\u003ec27dbeb\u003c/code\u003e\u003c/a\u003e fix \u003ccode\u003ehosts\u003c/code\u003e in \u003ccode\u003eplugin-tests.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6794f602a453cf0255bcae245871de120a89a559\"\u003e\u003ccode\u003e6794f60\u003c/code\u003e\u003c/a\u003e fix \u003ccode\u003ehosts\u003c/code\u003e in \u003ccode\u003enode-unref-tests.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d\"\u003e\u003ccode\u003ede85afd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/da1de1bf77a65f06654b49878d9ec4747ddaa21f\"\u003e\u003ccode\u003eda1de1b\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4065\"\u003e#4065\u003c/a\u003e: bitwise operators can return bigints\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f4e9d19fb20095a98bf40634f0380f6a16be91e7\"\u003e\u003ccode\u003ef4e9d19\u003c/code\u003e\u003c/a\u003e switch case liveness: \u003ccode\u003edefault\u003c/code\u003e is always last\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/7aa47c3e778ea04849f97f18dd9959df88fa0886\"\u003e\u003ccode\u003e7aa47c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4028\"\u003e#4028\u003c/a\u003e: minify live/dead \u003ccode\u003eswitch\u003c/code\u003e cases better\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/22ecd306190b8971ec4474b5485266c20350e266\"\u003e\u003ccode\u003e22ecd30\u003c/code\u003e\u003c/a\u003e minify: more constant folding for strict equality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4cdf03c03697128044fa8fb76e5c478e9765b353\"\u003e\u003ccode\u003e4cdf03c\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4053\"\u003e#4053\u003c/a\u003e: reordering of \u003ccode\u003e.tsx\u003c/code\u003e in \u003ccode\u003enode_modules\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/dc719775b7140120916bd9e6777ca1cb8a1cdc0e\"\u003e\u003ccode\u003edc71977\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/3692\"\u003e#3692\u003c/a\u003e: \u003ccode\u003e0\u003c/code\u003e now picks a random ephemeral port\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.18.13...v0.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonwebtoken` from 8.5.1 to 9.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md\"\u003ejsonwebtoken's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.3 - 2025-12-04\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupdates jws version to 4.0.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.2 - 2023-08-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: updating semver to 7.5.4 to resolve CVE-2022-25883, closes \u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/921\"\u003e#921\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003erefactor: reduce library size by using lodash specific dependencies, closes \u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/878\"\u003e#878\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.1 - 2023-07-05\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(stubs): allow decode method to be stubbed\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.0 - 2022-12-21\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes: See \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/wiki/Migration-Notes:-v8-to-v9\"\u003eMigration from v8 to v9\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved support for Node versions 11 and below.\u003c/li\u003e\n\u003cli\u003eThe verify() function no longer accepts unsigned tokens by default. ([834503079514b72264fd13023a3b8d648afd6a16]\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/834503079514b72264fd13023a3b8d648afd6a16\"\u003ehttps://github.com/auth0/node-jsonwebtoken/commit/834503079514b72264fd13023a3b8d648afd6a16\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRSA key size must be 2048 bits or greater. ([ecdf6cc6073ea13a7e71df5fad043550f08d0fa6]\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\"\u003ehttps://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKey types must be valid for the signing / verification algorithm\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eArbitrary File Write via verify function\u003c/code\u003e - CVE-2022-23529\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eInsecure default algorithm in jwt.verify() could lead to signature validation bypass\u003c/code\u003e - CVE-2022-23540\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eInsecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC\u003c/code\u003e - CVE-2022-23541\u003c/li\u003e\n\u003cli\u003esecurity: fixes \u003ccode\u003eUnrestricted key type could lead to legacy keys usage\u003c/code\u003e - CVE-2022-23539\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ed59e76ea37a80f54b833668c02a5271984dcba3\"\u003e\u003ccode\u003eed59e76\u003c/code\u003e\u003c/a\u003e chore: bump jws to 4.0.1 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/1007\"\u003e#1007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/bc28861f1fa981ed9c009e29c044a19760a0b128\"\u003e\u003ccode\u003ebc28861\u003c/code\u003e\u003c/a\u003e Release 9.0.2  (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/96b89060cfc19272a7d853f53cb28c42580a6a67\"\u003e\u003ccode\u003e96b8906\u003c/code\u003e\u003c/a\u003e refactor: use specific lodash packages (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ed35062239c0195d4341025d4699cc39608b435e\"\u003e\u003ccode\u003eed35062\u003c/code\u003e\u003c/a\u003e security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/84539b29e17fd40ed25c53fc28db8ae41a34aff8\"\u003e\u003ccode\u003e84539b2\u003c/code\u003e\u003c/a\u003e Updating package version to 9.0.1 (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/920\"\u003e#920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/a99fd4b473e257c2f50ff69c716db1c520bf9a78\"\u003e\u003ccode\u003ea99fd4b\u003c/code\u003e\u003c/a\u003e fix(stubs): allow decode method to be stubbed (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/876\"\u003e#876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3\"\u003e\u003ccode\u003ee1fa9dc\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-8cf7-32gw-wr33\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/5eaedbf2b01676d952336e73b4d2efba847d2d1b\"\u003e\u003ccode\u003e5eaedbf\u003c/code\u003e\u003c/a\u003e chore(ci): remove github test actions job (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/861\"\u003e#861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/cd4163eb1407aab0b3148f91b0b9c26276b96c6b\"\u003e\u003ccode\u003ecd4163e\u003c/code\u003e\u003c/a\u003e chore(ci): configure Github Actions jobs for Tests \u0026amp; Security Scanning (\u003ca href=\"https://redirect.github.com/auth0/node-jsonwebtoken/issues/856\"\u003e#856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/node-jsonwebtoken/commit/ecdf6cc6073ea13a7e71df5fad043550f08d0fa6\"\u003e\u003ccode\u003eecdf6cc\u003c/code\u003e\u003c/a\u003e fix!: Prevent accidental use of insecure key sizes \u0026amp; misconfiguration of secr...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/auth0/node-jsonwebtoken/compare/v8.5.1...v9.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~julien.wollscheid\"\u003ejulien.wollscheid\u003c/a\u003e, a new releaser for jsonwebtoken since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 7.3.5 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pu...\n\n_Description has been truncated_","html_url":"https://github.com/OfficeDev/Microsoft-Teams-Samples/pull/2132","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OfficeDev%2FMicrosoft-Teams-Samples/issues/2132","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2132/packages"}}]}